User ID agents showing as red

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

User ID agents showing as red

L3 Networker

I have 3 separate domains on my network and they are not trusted together.  On my main domain where the firewall is installed the agent shows green, however when I install the agent under the remote domains (on different subnets across the country) the icon is red.  The settings match my 2 main domain controllers that are working.  When I look at the remote DCs they are reading the log files.  Also port 5007 is reachable from the outside.  Any thoughts on why they aren't connecting?  I am not seeing any details as to why.

22 REPLIES 22

My Management ip and default gw are on a completely different subnet than my LAN on eth1/2 will this matter?

why don't you use default gateway as eht1/2 ip ? I think you can.

All of our network management is on a separate subnet such as firewall, switches, etc... we do not put the management on the same as the LAN typically.  Is this what is causing the issue perhaps?  2 of my domain controllers are on the same subnet as the LAN interface and those work without issue even through the traffic goes out the management interface.  It just affects the remote DCs.

So try to write 2 route for these 2 ip address forward them to eth1/2

you'll write these routes to management route table(service route) not virtual router

So I have a better understanding of how the firewall works, is the behavior that i am seeing by design where subnets somewhere down the line do not directly work like I am experiencing?

That depends on topology.Service route can be configured with many options.

Usually the management IP address is used to access the userID agent

If you have a UserID agent running on a DC that is on a different subnet than the management IP address then you'd have to ensure that there exists a route in your internal network permitting traffic exchange between the UserID agent and the management interface . You  can also create a service route (under management Set up) for the User ID traffic to be allowed to pass through the dataports to the UserID agent.

Please ensure you can ping the UserID agent server from the management interface - if not using the service route option

So basic connectivity and access to the ports mentioned above are imperative

  • 8977 Views
  • 22 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!