Question

“Monitoring” doesn't seem to work on security policies

  • 30 June 2020
  • 2 replies
  • 1319 views

Badge

I set the security policy named LAMP as shown in the figure, and set it to monitor mode.

LAMP-DB

CentOS 7

MySQL is running on port 3306.

LAMP-WEB database request is accepted.

There is no control by fiwewalld.

Can VMs in this tier talk to each other ? - No

LAMP-WEB

CentOS 7

Wordpress and apache are running.

Web services are launched on http port.

There is no database, no control by fiwewalld.

Can VMs in this tier talk to each other ? - No

 

Then I did the following:

  1. View LAMP-WEB in browser from 192.168.0.0/23 segment.
  2. Ping to LAMP-DB from 192.168.0.0/23 segment.

However, “Monitoring” screen shows “Tcp Port:80 No flows found” (as shown in the figure) and despite success of the ping, “No uncaptured traffic flows were detected." is displayed.

Why can't "Monitoring" catch the packets?


2 replies

Badge

Hi @yamachan, the monitoring page in the Prism takes few minutes to show the captured packets. Also I would suggest to refresh the page or close the page and re-visit after the ping has initiated. Also was it a continuous ping?

Badge

Hi @RAMESH BABU, thanks for the suggestion.

But even if I left it alone for an hour or so, it was still “No uncaptured traffic flows were detected”.

I've been chasing this problem for a long time. Today, I realized that the basic setup might be wrong. I wrote about this setup in the topic: How do I configure physical nic(s) to appear on the Virtual Networks screen?

Reply