Multiple VPN connections to monitor remote machines

[burgerflipper]

Hi guys,

I'm trying to implement a network monitoring system (NMS) to monitor several remote computers on private network segments using SNMP over VPN.

Currently I have 5 computers, each at a different location and on a different private network segment. They send logs back to a data server periodically over VPN connection and this VPN connection uses a non-standard port.

I'm planning to setup another standalone machine with network monitoring system and place it at the same network segment as the data server so that I can establish VPN connection to the remote devices and then monitor them via SNMP protocol.

My question here is will the implementation above work? Can a single machine create multiple VPN connection with only 2 network interface?

Would also appreciate it if you guys could provide me with some feedback and suggestion regarding this implementation.

Thanks in advance and hope to hear from you guys.

[vprasad84]

hello,

can you brief how the machines are sending data to the dataserver. Do you mean that you would enable snmp in all the computers & the server shall connect to all the computers using the snmp protocol & collect statistics data from them.

Could you tell me that you want to calculate the traffic which goes through over the vpn links or between the LAN segments of those machines itself. I can have a solution where you can configure netflow in all the routers you have in each location & those routers will send the netflow to the central NMS Server & NMS Server shall account traffic stats as per each location.

[burgerflipper]

hello,

can you brief how the machines are sending data to the dataserver. Do you mean that you would enable snmp in all the computers & the server shall connect to all the computers using the snmp protocol & collect statistics data from them.

Could you tell me that you want to calculate the traffic which goes through over the vpn links or between the LAN segments of those machines itself. I can have a solution where you can configure netflow in all the routers you have in each location & those routers will send the netflow to the central NMS Server & NMS Server shall account traffic stats as per each location.

Hi vprasad. Thanks for the prompt reply.

The remote machines sit in private network segments and they send logs back using a proprietary software via VPN. Those are unimportant anyway because we know that the machines are VPN enabled.

Would like to know if I can establish multiple VPN link to all the machines through one network interface. If you have some other suggestions I'm interested to hear it out as well.

If we were to go ahead and implement a NMS then yes I would have to enable SNMP on all the remote machines. The plan is to have the network monitoring server to connect to the remote machines using VPN and then use SNMP to query them.

The purpose of this NMS is to actually get some vital statistics from the remote machine such as processes, disk i/o, CPU load and memory usage. Not so much of monitoring the traffic. The network monitoring station is running Centos by the way.

Thanks in advance.

[vprasad84]

i am still consufed about the multiple vpn link establiushment through a single interface.

Do you mean that you have multiple vpn links & 1 link you would use for regular usage & other link only to collect your NMS related data. If yes then you can do so. You simply need to route the NMS Server ip address via 2nd link & you need to add this routing on each router.

[burgerflipper]

i am still consufed about the multiple vpn link establiushment through a single interface.

Do you mean that you have multiple vpn links & 1 link you would use for regular usage & other link only to collect your NMS related data. If yes then you can do so. You simply need to route the NMS Server ip address via 2nd link & you need to add this routing on each router.

Hi prasad, sorry for the late reply.

Let me clarify this. We have several machines at remote sites. These machines regularly send logs back to our data server using VPN over SSH. But it's a one way passive communication whereby our data server is only 'listening' and getting logs from remote server.

As of now, I would like to setup a network monitoring system to remote these machines but I'm thinking about the best possible way to go about establishing communication with the remote machines in order to monitor them.

What I was thinking is establishing multiple VPN or SSH tunnel from the NMS with each tunnel connecting to its respective remote machine. I'm just wondering if this will work.

Thanks in advance.

[vprasad84]

Hello,

based on my understandings, it is the client computer which is establishing a single vpn connection tunnel to the server & sending logs to the server & server cannot establish direct communication to the client.

If you setup a MPLS/VPN or a vpn tunnel to entire subnet where each & every client machine is connected by the server then What you are looking for that your NMS to connect to each machine is possible but you need to ensure that if any firewall/security software doesnot blocks the server requests.

If you have router/firewall, you can establish vpn tunnel for entire subnet between firewall to firewall or router to router & your server should be able to connect to client computers directly & reverse accordingly.

However i would recommend that even if you establish vpn as such each & every machine could be connected, let the client connect to server & not server needs to go to client.