question

Glenn D. avatar image
Glenn D. asked ·

Multiple ActiveGates for segmented network.

I have two completely segregated parts of my network, one with access to the internet where I've already installed an ActiveGate (to collect my Azure traffic) and to relay Dynatrace data between my oneagents and the SaaS Dynatrace. I have another network segment that has no access to the internet or the outside world (and it needs to stay that way) where I need to monitor applications.

Can I install another ActiveGate within that isolated segment, point all of the agents to talk to it, and then have it talk to the primary ActiveGate (as a sort of proxy)? Or do I have to give the isolated ActiveGate a path through the firewall to reach the Dynatrace home?

activegatenetwork
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

James K. avatar image
James K. answered ·

The only scenario where something like that can work is if it's an Environment AG talking to a Cluster AG as noted here. If they are both Environment AGs that will not work.

Note that if needed you can configure a true proxy for the AG to use.

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Glenn D. avatar image
Glenn D. answered ·

So I'll need to stand up a new Cluster ActiveGate within my internet-accessible environment, then point my existing Environment ActiveGate (which monitors Azure) to it, then stand up another Environment ActiveGate within my siloed environment, and whitelist traffic between the Cluster ActiveGate and the siloed ActiveGate? Like the diagram here https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-activegate/basic-concepts/supported-connectivity-schemes-for-activegates/

Does that sound right?

3 comments Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Hi Glenn,

Edit: Dynatrace SaaS does not have Cluster ActiveGates. Environment ActiveGates do not function as a proxy for other Environment ActiveGates. The isolated ActiveGate needs to directly communicate to the Dynatrace Server or via an actual proxy.

Sia

0 Likes 0 · ·

Am I able to have two Environment ActiveGates? One in my connected network and one in my isolated network? Or will I have to whitelist a bunch of traffic between Azure, Dynatrace SaaS, and my isolated ActiveGate?

0 Likes 0 · ·

You can have as many Environment AGs as you want and OneAgents will make use of any that they can reach, but Environment AGs cannot send data back through another environment AG. Only through a cluster AG (if Managed) or directly to the Dynatrace server nodes.

0 Likes 0 · ·

Space Topics

mobile monitoring dotnet synthetic monitoring reports iis chat kubernetes servicenow amazon web services mysql mainframe rest api errors cassandra dashboard oneagent sdk cmc application monitoring openkit smartscape request attributes monitoring developer community user tagging log monitoring services ufo syntheticadvisory activegate ip addresses auto-detection high five award oracle hyperion webserver uem usql iib test automation license web performance monitoring ios news migration management zones index ibm mq web services custom event alerts notifications sso host monitoring knowledge sharing reports browser monitors java hybris sap vmware maintenance window user action naming javascript appmon ai synthetic classic availability tipstricks automation extensions session replay diagnostic tools permissions davis assistant faq documentation problem detection http monitors server easytravel apdex aws-quickstart network docker tags and metadata cloud foundry google cloud platform synthetic monitoring process groups account usability dynatrace saas gui paas openshift key user actions administration user actions postgresql synthetic locations oneagent security Dynatrace Managed user management custom python technologies mongodb openstack user session monitoring continuous delivery citrix configuration alerting NGINX action naming linux nam installation masking error reporting database mission control jmeter recorder apache mobileapp RUM php threshold azure purepath davis scripting agent aix nodejs android