01-02-2018 05:28 AM
Hi all,
I'm trying to implement SNMP monitoring to ACI. I found this guide:
After finishing the configuration, the N9K were reachable via SNMP, but the APICs not. I used the OOB-Interface IPs. Are there any additional configurations I have to do?
BTW: Does anyone know the System OID from an APIC (APIC-SERVER-L2).
Best regards,
Tobias
08-20-2018 11:26 PM
Hey mate,
good idea to check your ACLs which you are using. I'm using version 3.1 (2m), but it'd be pretty similar in your version.
There are 2 sections to configure your ACLs for this in;
1. Under the Fabric / Fabric Policies tab you'll find the path in the left folder explorer Pod Policies / Policies / SNMP / <your SNMP Policy Name>. In the window that appears as 'Client Group Policies' make sure to add the subnets which you will be using to poll (and the management path over which it'll be generated [Inband / OOB]).
2. Navigate to the Tenants / mgmt tab and from the left folder explorer select your applied management contract (under Contracts / Out-of-Band Contracts in my version) and check the filters which you have applied to permit UDP 161 (or whatever port you've chosen to use as your SNMP polling source) with the consuming subnets. Finally, just make sure that this contract is correctly applied to your management VRF (it should be by default).
08-31-2018 04:19 AM
Hi,
I have the same problem.
SNMP to the 9ks works, to the APIC it doesn't.
I've followed all the instructions in this document (twice!):
i've allocated the APIC a static management address, and explicitly allowed UDP in the oob contract.
SNMP requests to the APIC just time out, no response.
What am i missing?
01-31-2019 07:23 PM
A couple other things to double check -
1) The External Management Network Instance Profile includes the subnet you're attempting to source your SNMP polling from and it is consuming the OOB contract you've set to permit SNMP (Along with the other necessary filters).
2) The Out-of-band EPG under Node Management EPGs is providing the contract above.
3) Validate you have entries for the devices you're trying to poll the APICs with under Fabric > Global Policies > SNMP Policy (default if a non-default isn't in use) > SNMP Client Group Policy
08-20-2018 11:27 PM
Also,
All SNMP MIBs for the APIC and the N9ks are available from:
https://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/mib/list/mib-support.html
01-31-2019 09:53 AM
SysObjectID for L2 and M2 is the same - 1.3.6.1.4.1.9.1.2238.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: