Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
946
Views
0
Helpful
7
Replies

Sending SNMP traps

SlipperyPete
Level 1
Level 1

‎07-13-2009 12:31 PM

I'm trying to configure a switch to send traps to our network management system. To test it, I'm trying to send traps for creating new VLANs. I've configured it like this:

snmp-server community [RO_comm_string] RO

snmp-server community [RW_comm_string] RW

snmp-server enable traps vlancreate

snmp-server host xxx.xxx.xxx.xxx [RO_comm_string]

Is there anything missing from my config? The Cisco documentation says I also have to configure an engineID, an snmp-server user and an snmp group, but I've seen other documentation that says I only have to configure the NMS server and the traps that I want to enable (which is what I've done in they config above).

Thanks.

Labels:
0 Helpful
7 Replies 7

Joe Clarke
Cisco Employee
Cisco Employee

‎07-13-2009 12:41 PM

This configuration is fine for sending SNMPv1 traps to a management server.

0 Helpful

SlipperyPete
Level 1
Level 1
In response to Joe Clarke

‎07-13-2009 12:53 PM

Okay, but our NMS is configured to use v2. Is there a way of verifying whether the switch is using v1 or v2?

0 Helpful

Joe Clarke
Cisco Employee
Cisco Employee
In response to SlipperyPete

‎07-13-2009 12:55 PM

Sure, you can add "version 2c" to your snmp-server host line:

snmp-server host x.x.x.x traps version 2c COMMUNITY

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to SlipperyPete

‎07-13-2009 01:06 PM

From the Common Services User guide:

Select Device Diagnostic Tools > Device Center.

Step 2 Enter the name or IP address, fully qualified domain name, or hostname of the device you want to check

in the Device Selector field and click Go.

Or

Select the device from the list tree.

The Summary and Functions Available panes appear.

Step 3 Click Management Station to Device in the Functions Available pane.

The Management Station to Device dialog box appears.

Step 4 Select the connectivity applications you want to select.

All information you enter in the fields are case sensitive.

If you select SNMP v1/v2c, you should:

• Select either SNMP v1 or v2c. The default is SNMP v2c.

• Enter the Read Community String.

• Enter the Write Community String.

• Enter the Time out in seconds. The default is 2 seconds.

...

Step 5 Enter the Timeout in seconds and click OK.

The default is 2 seconds.

The Interface Test Results popup displays the results. The Interface Details results screen shows the

interfaces tested and the test results for each option.

Hope this helps.

0 Helpful

SlipperyPete
Level 1
Level 1
In response to Marvin Rhoads

‎07-13-2009 01:18 PM

I think you're talking about CiscoWorks, correct? We're actually using SolarWinds NCM, but thanks for the input nonetheless.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to SlipperyPete

‎07-13-2009 02:48 PM

Oh, I incorrectly assumed you had a CiscoWorks. I don't have a copy of Soalrwinds NCM to check for equivalent functionality, but you can always just use a network analyzer to look at the packets flowing between your management station and the device and examine them for snmp v2 protocol usage.

Since Solarwinds is Windows-based, you can use any of several free protocol analyzers (if you don't already have one). Look at Wireshark (formerly Ethereal) or Microsoft Network monitor.

http://www.wireshark.org/

http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en

Hope this helps. Please rate helpful posts.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-13-2009 12:54 PM

As noted in the command reference (http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_20.html),

- re EngineID:

"The SNMP engine ID is a unique string used to identify the device for administration purposes. You do not need to specify an engine ID for the device; a default string is generated using Cisco's enterprise number (1.3.6.1.4.1.9) and the mac address of the first interface on the device. For further details on the SNMP engine ID, see RFC 2571."

- re snmp-server group:

"When a community string is configured internally, two groups with the name public are autogenerated, one for the v1 security model and the other for the v2c security model."

In other words, if you are OK with the "public" group, there's no need to create additional groups.

- re snmp-server user

That command is only necessary when further securing snmp using, for example: snmp-server groups, passwords, and access-lists.

Hope this helps.

0 Helpful
Top