[Xymon] PSclient sending from intranet

Kris Springer kspringer at innovateteam.com
Tue Nov 6 21:29:33 CET 2018


I've configured one of my PSclients to test this HTTPS functionality, 
and it indeed does try to send data over port 443. But the client logs 
say that my Xymon server is timing out.  Is there a specific server url 
path that I need to be using?  The documentation doesn't give any example.

Kris Springer


On 11/6/18 7:54 AM, Timothy Williams wrote:
> The Powershell client can connect to the Xymon server using TCP port 
> 1984 as default, but can also connect using HTTP or HTTPS with/without 
> user/password. You likely have port 80 or 443 open. Here are Word doc 
> details:
>
> HTTP is an alternate method. It can be used if you have 
> xymoncgimsg.cgi running on the web server on your Xymon server – see 
> https://www.xymon.com/help/manpages/man8/xymoncgimsg.cgi.8.html. The 
> web server running the CGI can be configured for SSL (i.e. HTTPS) and 
> / or authentication – XymonPSClient supports basic authentication and 
> SSL. If you require authentication, the <serverHttpUsername> and 
> <serverHttpPassword> elements should be configured.
> If you are using HTTP and transmitting over unsecure networks (e.g.  
> the internet), it is strongly recommended to enable SSL, 
> authentication and disallow HTTP connections.
>
> ServerHttpPassword encryption
> If <serverHttpPassword> is set, the Xymon client will encrypt the 
> password if it is not encrypted and remove the plain text password 
> from the configuration file, overwriting with the encrypted password. 
> The Xymon client will prefix the encrypted password with 
> ‘{SecureString}’, so it is easy to tell if the client has attempted to 
> encrypt the password or not.
> This is done using the .NET SecureString functions, which means that 
> the encryption is unique to the server and user. This means that once 
> the password has been encrypted, you cannot use the same 
> xymonclient_config.xml on another server. It also means that if you 
> have been testing by running XymonPSClient from a command prompt, and 
> this encrypts the password, when you run XymonPSClient as a service it 
> will not be able to decrypt the password unless the service is running 
> as the same user.
> In both scenarios, replacing the encrypted password with the plain 
> text password and re-starting Xymon will cause the password to be 
> re-encypted.
>
>
> Tim Williams
>
> On Tue, Nov 6, 2018 at 9:37 AM Rolf Schrittenlocher 
> <schritte at ub.uni-frankfurt.de <mailto:schritte at ub.uni-frankfurt.de>> 
> wrote:
>
>     any possibility to send something from intranet to the world outside?
>     creating webpage, send by sftp or scp? This could be done by cron and
>     xymon could analyze this data then.
>     > Anyone have an idea about how to collect client server stats
>     using the
>     > Powershell client on machines that are on an intranet that
>     blocks port
>     > 1984, and send it out to our external xymon server located in a
>     > different part of the country?  The intranet network doesn't
>     want to
>     > open any additional ports to allow the traffic out.
>     >
>
>     -- 
>     Mit freundlichen Grüßen
>     Rolf Schrittenlocher
>
>     Lokales Bibliothekssystem Frankfurt
>     Bockenheimer Landstr. 134-138, 60325 Frankfurt
>     Tel LBS: (49) 69 - 798 28830
>     Tel persönlich: (49) 69 - 798 28908
>     LBS: lbs at ub.uni-frankfurt.de <mailto:lbs at ub.uni-frankfurt.de>
>     Persönlich: schritte at ub.uni-frankfurt.de
>     <mailto:schritte at ub.uni-frankfurt.de>
>
>     _______________________________________________
>     Xymon mailing list
>     Xymon at xymon.com <mailto:Xymon at xymon.com>
>     http://lists.xymon.com/mailman/listinfo/xymon
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20181106/dd993f6d/attachment.html>


More information about the Xymon mailing list