[Xymon] PSclient sending from intranet

Tue Nov 6 22:22:28 CET 2018

Alas, I am unable to help further, as my InfoSec allows port 1984, and not
80 or 443 to Xymon, so I don't have http running.

Tim

On Tue, Nov 6, 2018 at 3:29 PM Kris Springer <kspringer at innovateteam.com>
wrote:

> I've configured one of my PSclients to test this HTTPS functionality, and
> it indeed does try to send data over port 443.  But the client logs say
> that my Xymon server is timing out.  Is there a specific server url path
> that I need to be using?  The documentation doesn't give any example.
>
> Kris Springer
>
>
>
> On 11/6/18 7:54 AM, Timothy Williams wrote:
>
> The Powershell client can connect to the Xymon server using TCP port 1984
> as default, but can also connect using HTTP or HTTPS with/without
> user/password. You likely have port 80 or 443 open. Here are Word doc
> details:
>
> HTTP is an alternate method. It can be used if you have xymoncgimsg.cgi
> running on the web server on your Xymon server – see
> https://www.xymon.com/help/manpages/man8/xymoncgimsg.cgi.8.html. The web
> server running the CGI can be configured for SSL (i.e. HTTPS) and / or
> authentication – XymonPSClient supports basic authentication and SSL. If
> you require authentication, the <serverHttpUsername> and
> <serverHttpPassword> elements should be configured.
> If you are using HTTP and transmitting over unsecure networks (e.g.  the
> internet), it is strongly recommended to enable SSL, authentication and
> disallow HTTP connections.
>
> ServerHttpPassword encryption
> If <serverHttpPassword> is set, the Xymon client will encrypt the password
> if it is not encrypted and remove the plain text password from the
> configuration file, overwriting with the encrypted password. The Xymon
> client will prefix the encrypted password with ‘{SecureString}’, so it is
> easy to tell if the client has attempted to encrypt the password or not.
> This is done using the .NET SecureString functions, which means that the
> encryption is unique to the server and user. This means that once the
> password has been encrypted, you cannot use the same xymonclient_config.xml
> on another server. It also means that if you have been testing by running
> XymonPSClient from a command prompt, and this encrypts the password, when
> you run XymonPSClient as a service it will not be able to decrypt the
> password unless the service is running as the same user.
> In both scenarios, replacing the encrypted password with the plain text
> password and re-starting Xymon will cause the password to be re-encypted.
>
>
> Tim Williams
>
> On Tue, Nov 6, 2018 at 9:37 AM Rolf Schrittenlocher <
> schritte at ub.uni-frankfurt.de> wrote:
>
>> any possibility to send something from intranet to the world outside?
>> creating webpage, send by sftp or scp? This could be done by cron and
>> xymon could analyze this data then.
>> > Anyone have an idea about how to collect client server stats using the
>> > Powershell client on machines that are on an intranet that blocks port
>> > 1984, and send it out to our external xymon server located in a
>> > different part of the country?  The intranet network doesn't want to
>> > open any additional ports to allow the traffic out.
>> >
>>
>> --
>> Mit freundlichen Grüßen
>> Rolf Schrittenlocher
>>
>> Lokales Bibliothekssystem Frankfurt
>> Bockenheimer Landstr. 134-138, 60325 Frankfurt
>> Tel LBS: (49) 69 - 798 28830
>> Tel persönlich: (49) 69 - 798 28908
>> LBS: lbs at ub.uni-frankfurt.de
>> Persönlich: schritte at ub.uni-frankfurt.de
>>
>> _______________________________________________
>> Xymon mailing list
>> Xymon at xymon.com
>> http://lists.xymon.com/mailman/listinfo/xymon
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20181106/8767846d/attachment.html>