12-09-2011 05:10 AM
I'm in the process of rolling out snmp-server community for LMS for all our devices. A few devices is VRF enabled, hence I need to ping the LMS server through a VRF and not the global routing table. To my knowledge the ' snmp-server host 11.22.33.44 vrf VRF XXXX' command only sends traps/notifications to DFM , is there a similar comand for the 'snmp-server community xxxx RO 1' ?
I can ping the device from the LMS server but the snmp-server community access-list does not show any hits for the LMS IP and hence the device is not registered in LMS.
Any ideas?
Solved! Go to Solution.
12-09-2011 08:32 AM
"failed" from device center while the LMS server is validated (via your snmpwalk test) to be able to reach the device is most often a resullt of incorrect credentials being used by the LMS server.
That said, I would still expect the ACL to increment when you try from Device Center. Something is definitely going on with the LMS server's SNMP settings.
Can you capture traffic leaving the LMS server for the device when you try the Device Center check? If the SNMP queries are leaving the server, you should see the credentials being used embedded in them.
12-09-2011 06:04 AM
VRFs can be tricky to work with.
When you ping the device from LMS, are you hitting an SVI that's in the VRF subnet (and reflected in the device's routing table for that VRF)?
Can you ping LMS from that same SVI (using the VRF RIB or routing table)?
12-09-2011 06:51 AM
Yes, I am hitting an SVI in the VRF subnet and I can ping LMS from the same SVI when using the VRFs RIB.
12-09-2011 07:03 AM
So manually-initiated communications appear to be working in both directions. That's good.
Since you're not seeing hits on your acl at the device, I'd next check to see the traffic leaving your LMS server. You can run a Wireshark capture there (or use the built-in packet tracer), filtering on your device's destination IP. I'd initiate a comms check from Device Center in LMS (or snmpwalk from the cli) to manually trigger an SNMP query.
If you don't see any SNMP queries leaving, LMS is the culprit (I'd check the DCR entry for the device in question). If you do see the traffic leaving then there is a network / device issue.
12-09-2011 07:58 AM
I just did a SNMP Walk and the access list recieved hits for the first time. The results looked normal, but when I test SNMP reachability from the Device Center i get Failed! (And the device is not registrered in LMS) To me this is strange behaviour.
Am I missing someting here?
12-09-2011 08:32 AM
"failed" from device center while the LMS server is validated (via your snmpwalk test) to be able to reach the device is most often a resullt of incorrect credentials being used by the LMS server.
That said, I would still expect the ACL to increment when you try from Device Center. Something is definitely going on with the LMS server's SNMP settings.
Can you capture traffic leaving the LMS server for the device when you try the Device Center check? If the SNMP queries are leaving the server, you should see the credentials being used embedded in them.
12-15-2011 12:04 AM
It appeared that it was wrong credentials after all... Its workin now. Thanks for your efforts
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide