cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6745
Views
15
Helpful
11
Replies

FP1010 FDM 6.7 - configure SNMP via Rest API

Steveo2000
Level 1
Level 1

Hey, just want to know if there is anyone who could explain how to configure SNMP on FDM 6.7 (Cisco Firepower 1010).

With 6.7 there is no FlexConfig for SNMP anymore and you have to use the REST API and this is nether well

documented anywhere (how to do so), nor are there any tutorials for SNMP configurations via API.

This, for me at least, is a ridiculously complicated way to configure something.

I also have no FMC here.

 

BR

Steve

 

Edit: I've used the API Explorer and could GET some Information and also POST some, like location and contact etc.

But I have no clue about the snmphost part.

1 Accepted Solution
11 Replies 11

michaelsaleem
Level 1
Level 1

Hey Steve,

Are you trying to configure SNMP v2 or v3?

Sorry for the late reply. Just simple SNMP v2.

Hey Steve,

No problem.

Try the following for SNMP v2:

curl -sk -H "Content-Type: application/json" -H "Authorization: Bearer <ACCESS TOKEN>" -X POST -d \
'{"type":"snmphost","name":"SNMPV2-POLLER","interface":{"type":"physicalinterface","name":"outside"},"managerAddress":{"type":"networkobject","name":"<NETWORK OBJECT NAME>"},"securityConfiguration":{"type":"snmpv2csecurityconfiguration","community":"<COMMUNITY STRING>"}}' \
https://<FDM-MGMT-IP>/api/fdm/latest/object/snmphosts | jq -r '.'

Kind regards,

Michael

Hey thanks for your reply. Unfortunately I can't set this as solved because I don't have access to the Firepower anymore. It's already delivered to our customer. And it sits there on the desk till we get some further information about an site-to-site vpn from another customer. I'll get back to your Post in a couple of weeks.

But thank you so much for your help.

Hey Steve. No problem at all

 

 

Hi Michael, i have the same problem but i have no idea about Rest API and how to use your script. Please, can you help me? Thank you,

Marcello

Hi Marcello,

Have a read through the following Cisco Firepower Threat Defense REST API guide to get started:

https://www.cisco.com/c/en/us/td/docs/security/firepower/ftd-api/guide/ftd-rest-api/ftd-rest-api-intro.html

Essentially you are just sending a cURL request to the FDM API to configure SNMPv2 programmatically.

You need to request an access token first and then submit this access token in the command I showed in my previous comment (i.e. replace <ACCESS TOKEN> with your access token)

<NETWORK OBJECT> needs to be replaced with a network object that contains the IP address of the SNMP poller.
<COMMUNITY STRING> needs to be replaced with a community string that you define.
<FDM-MGMT-IP> needs to be replaced with the FDM management IP

Kind regards,

Michael

Hi MIchael,

really thanks for your answer.

I need to use PRTG Network Monitor software for monitoring FTD and i don't understand what i have to do on the monitoring software (PRTG) and what on the FDM. I haven' t developer background and it's very difficult for me understand the needs. 

Regards

 

Marcello

 

dave wolfendale
Level 1
Level 1

Wait until you try in v7, this document does not work.

 

All-in-all, buy something else - not Cisco.

Review Cisco Networking for a $25 gift card