SolarWinds N-able N-central® is a Remote Monitoring and Management (RMM) tool commonly used by Management Service Providers (MSPs). RMM agents are installed on MSP customer endpoints to discover IT assets and remotely monitor and manage them.
This document describes how to use N-central to discover and monitor a WatchGuard Firebox.
Platform and Software
The hardware and software used to complete the procedures in this document include:
- Firebox or WatchGuard XTM device installed with Fireware v12.1 or higher
- N-central 22.214.171.1245
- Windows Software Probe 12.0.1365 installed on a Windows Server 2012 R2 server
N-central supports two deployment types: on-premises and hosted. In this document, we use a hosted N-central deployment hosted in the cloud.
This diagram outlines the N-central solution integration:
The configuration steps in this section use Fireware Web UI. The URL to connect to the Web UI in your browser is https://<Firebox-IP-address>:8080.
You must configure the Firebox to accept SNMP polls from an SNMP server. The IP address of the SNMP server is the IP address of the Windows server that will send SNMP probes to the Firebox and report information to the SNMP server.
- Connect to Fireware Web UI (https://<Firebox-IP-address>:8080).
- Select System > SNMP.
- From the Version drop-down list, select the SNMP version as v3.
- Type a user name.
- From the Authentication Protocol drop-down list, select SHA1 and type and confirm the password.
- From the Privacy Protocol drop-down list, select DES and type and confirm the password.
Add an SNMP Policy
To enable the Firebox to receive SNMP polls from the Windows server, you must add an SNMP packet filter policy.
- Select Firewall > Firewall Policies.
- Click Add Policy.
- From the Packet Filter drop-down list, select SNMP.
- In the Policy Name text box, type a descriptive name.
- Click Add Policy.
Now you can edit the policy.
- In the From section, select Any-Trusted. Click Remove.
- Click Add.
The Add Member window appears.
- From the Member type drop-down list, select Host IPv4.
- Type the IP address of the SNMP server.
- Click OK.
- In the To section, select Any-External. Click Remove.
- Click Add.
- Select the alias Firebox. Click OK.
- Click Save.
Log in to the N-central Web UI with the account provided by SolarWinds N-able.
Add a Customer
N-central classifies devices by customer to make the devices for a customer easy to manage. In N-central, you must first create a customer and then add devices to this customer.
- In N-central, select Actions > Add Customers.
- In the Customer Name text box, type a meaningful name to identify the customer.
- Click Save and Continue.
The Add Device page appears.
From the Add Devices page, you can download the probe installer.
Install a Windows Probe
This procedure starts on the Add Device page at the end of the previous procedure.
- If necessary, to get back to the Add Device page select Actions > Add/Import Devices.
- Select Click here to download the probe.
- Download the probe installer.
- Install the probe on the Windows computer. Use the same customer name you specified during installation.
- After you install the probe, select Administration > Probes to see the probe status for this customer.
Enable the SNMP Service
For the Windows server to monitor the Firebox, you must enable the SNMP service.
- On the Windows server, select Start > Run.
- Type services.msc and start the SNMP service. Continue this procedure if you use SNMP v1/v2c.
- Right-click the SNMP service and select Properties.
- Select the Security tab.
- In the Accepted community names list, click Add and add public.
- In the Accept SNMP packets from these hosts list, click Add and add the IP address of the Firebox.
Now the probe can detect and monitor devices in the same network.
Discover the Firebox to Monitor
- In N-central, select the customer.
- Select Actions > Add/Import Devices.
- Click Add a Discovery Job.
- From the Probe drop-down list, select the probe server to use.
- In the Discovery Type section, type the IP Range you want the probe to detect. In this example, the probe server is set up to detect devices with IP addresses in the range 10.0.1.1 to 10.0.1.10. You can also specify the network as an IP address and netmask. To do this, select IP Address and Netmask.
- In the Auto Import tab, you can define which kinds of devices are imported automatically after discovery. In N-central, a firewall is categorized as a Switch/Router.
- In the Schedule tab, from the Type drop-down list, select when you want this discovery job to run. In our example, it is set to Now which means it runs immediately after this job is created.
- Click Finish.
The probe server starts the discovery job.
- To see the job status, select Views > Job Status. Another way to start a discovery job is to select Actions > Run a Discovery.
- After the job is finished, select Views > All Devices.
The devices discovered appear in a list.
- Find your Firebox in the list and click it to select it.
- Select the Settings tab, then select Monitoring Options.
- From the SNMP Version drop-down list, selectv3. Keep the default port set to 161.
- From the Authentication Protocol Method drop-down list, select SHA1 and type the password you set on the Firebox.
- From the Privacy Protocol Method drop-down list, select DES 56and type the password you set in Firebox.
In N-central, you define a service that defines the information to be monitored for a device. There are many pre-defined services you can use, but they might not be suitable for your needs. For example, in the failed and warning service shown below, N-central sets a default value for the threshold of these services, but this threshold might not be suitable for all vendors or devices. You can adjust the thresholds as appropriate for the device you want to monitor.
To define a new or custom service:
- Select Administration > Service Management > Custom Services.
- Click Add.
- Select Service > SNMP.
- In the Name text box, type a descriptive name for this service.
- Each service can include one or more queries. To add a query, in the Queries tab, click Add.
- In the Query Name text box, type a name for the query.
- In the OIDs to be used section, add the OIDs for the items you want to query. See the Appendix for a list of OIDs.
- In the Data and Thresholds tab, click Add Metric to add metrics for query items. Note that, if you add several query items, you must add the same number of metrics with corresponding variables.
- After you add the metrics, click Save to save the service.
The service is now available to monitor the device.
- On the device list page, select the device to be monitored and click Add Service at the top of the page. Or, click the device name to go to the device information page.
- Select Monitoring > Status.
- Click Add.
- From the Monitoring Appliance drop-down list, select the name of the Window Probe server. All available services are shown, including the SNMP service defined earlier (WatchGuard XTM Info).
- Add one instance to run the monitor. Then click Apply to link the service to the Firebox.
Test the Integration
- Select the device name to go to the device information page.
- Select Monitoring > Status.
- Verify that the added service appears and the SNMP check is ongoing.
- When the SNMP check has finished successfully, a green check mark appears in the Status column. Note: There is a known issue with Solarwinds that could cause a custom service to always show a status of "no data". If you encounter this issue, restart all Solarwinds-related services on the computer installed with the probe service. When this is complete, your custom service should correctly detect data.
- Click the service name to see the status details.
About SNMP OIDs and MIBs
SNMP queries are typically formatted as a numeric expression. This is referred to as an Object Identifier (OID). An OID is a numeric reference to a unique object or piece of data.
A Management Information Base (MIB) is a database of OIDs that maps object names to a specific OID.
There are two types of MIBs: standard and enterprise. Standard MIBs are definitions of network and hardware events used by many different devices. Enterprise MIBs provide information about events that are specific to a single manufacturer.
The Firebox supports eight standard MIBs: IP-MIB, IF-MIB, TCP-MIB, UDP-MIB, SNMPv2-MIB, SNMPv2-SMI, RFC1213-MIB, and RFC1155 SMI-MIB.
For more information about Firebox Enterprise MIBs, see https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/basicadmin/snmp_mibs_details_c.html.
To get information through SNMP, you must know the OID of the object. An MIB browser is a good way to see the available MIB and OIDs. There are several free MIB browsers.
As an example, these steps describe how to use the iReasoning MIB browser:
- Install and open iReasoning.
- In the Address text box, type the IP address of your Firebox.
- Click Advanced.
- To read the MIB information for monitoring, in the Read Community text box, type public.
- From the SNMP Version drop-down list, select the SNMP version.
- From the Operations drop-down list, select Walk.
All Firebox MIBs appear in a list.