cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1222
Views
15
Helpful
10
Replies
Highlighted
Beginner

FP1010 FDM 6.7 - configure SNMP via Rest API

Hey, just want to know if there is anyone who could explain how to configure SNMP on FDM 6.7 (Cisco Firepower 1010).

With 6.7 there is no FlexConfig for SNMP anymore and you have to use the REST API and this is nether well

documented anywhere (how to do so), nor are there any tutorials for SNMP configurations via API.

This, for me at least, is a ridiculously complicated way to configure something.

I also have no FMC here.

 

BR

Steve

 

Edit: I've used the API Explorer and could GET some Information and also POST some, like location and contact etc.

But I have no clue about the snmphost part.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

10 REPLIES 10
Highlighted
Beginner

Hey Steve,

Are you trying to configure SNMP v2 or v3?

Highlighted

Sorry for the late reply. Just simple SNMP v2.

Highlighted

Hey Steve,

No problem.

Try the following for SNMP v2:

curl -sk -H "Content-Type: application/json" -H "Authorization: Bearer <ACCESS TOKEN>" -X POST -d \
'{"type":"snmphost","name":"SNMPV2-POLLER","interface":{"type":"physicalinterface","name":"outside"},"managerAddress":{"type":"networkobject","name":"<NETWORK OBJECT NAME>"},"securityConfiguration":{"type":"snmpv2csecurityconfiguration","community":"<COMMUNITY STRING>"}}' \
https://<FDM-MGMT-IP>/api/fdm/latest/object/snmphosts | jq -r '.'

Kind regards,

Michael

Highlighted

Hey thanks for your reply. Unfortunately I can't set this as solved because I don't have access to the Firepower anymore. It's already delivered to our customer. And it sits there on the desk till we get some further information about an site-to-site vpn from another customer. I'll get back to your Post in a couple of weeks.

But thank you so much for your help.

Highlighted

Hey Steve. No problem at all

 

 

Highlighted

Hi Michael, i have the same problem but i have no idea about Rest API and how to use your script. Please, can you help me? Thank you,

Marcello

Highlighted

Hi Marcello,

Have a read through the following Cisco Firepower Threat Defense REST API guide to get started:

https://www.cisco.com/c/en/us/td/docs/security/firepower/ftd-api/guide/ftd-rest-api/ftd-rest-api-intro.html

Essentially you are just sending a cURL request to the FDM API to configure SNMPv2 programmatically.

You need to request an access token first and then submit this access token in the command I showed in my previous comment (i.e. replace <ACCESS TOKEN> with your access token)

<NETWORK OBJECT> needs to be replaced with a network object that contains the IP address of the SNMP poller.
<COMMUNITY STRING> needs to be replaced with a community string that you define.
<FDM-MGMT-IP> needs to be replaced with the FDM management IP

Kind regards,

Michael

Highlighted

Hi MIchael,

really thanks for your answer.

I need to use PRTG Network Monitor software for monitoring FTD and i don't understand what i have to do on the monitoring software (PRTG) and what on the FDM. I haven' t developer background and it's very difficult for me understand the needs. 

Regards

 

Marcello

 

Highlighted

Highlighted
Cisco Employee

Content for Community-Ad