Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1859
Views
0
Helpful
2
Replies

Unable to do SNMP on Switches

Manoj Wadhwa
Level 1
Level 1

‎03-16-2011 10:42 PM

We are facing a certain problem on couple of swiches in our network. We are presently monioring using snmp from 10.x.x.x segment. Recently our internal setup has changed and the requirement is to monitor from 172.X.X.X segment. We will monitor from both the segments

Both above mentioned segments are routed in the same way to the end devices and we are able to reach them from both the segments. The configuration for both the segments are the same on the end devices w.r.t. snmp.

But snmp walk is not hppening for 172.X.X.X segment to these devices while we are able to from 10.X.X.X segment.

We are observing the below logs on the switch when we enable snmp walk

Mar 17 09:10:02.222 IST: SNMP: Packet received via UDP from 172.23.19.241 on Vlan4
Mar 17 09:10:02.222 IST: SNMP: Get-next request, reqid 828320803, errstat 0, erridx 0
mib-2 = NULL TYPE/VALUE
Mar 17 09:10:02.230 IST: SNMP: Response, reqid 828320803, errstat 0, erridx 0
system.1.0 = Cisco IOS Software, C3560 Software (C3560-IPBASE-M), Version 12.2(35)SE5, RELEASE SOFTWARE (fc1)
Mar 17 09:10:02.230 IST: SNMP: Packet sent via UDP to 172.23.19.241

The error on the server is as below


$ snmpwalk -c xxxxxxx 172.23.192.253 -v 2c
Timeout: No Response from  172.23.192.253

Please advice. Thanks!

Labels:
0 Helpful
2 Replies 2

Martin Ermel
VIP Alumni
VIP Alumni

‎03-17-2011 01:42 AM

this looks like an firewall/ACL issue;

the snmp packets seems to be blocked on their way back from the device to the network management station. You need to make sure to open UDP 161/162 to receive the snmp response and snmp traps from the device;

check if there is an ACL or a firewall involved in the path or if the management station itself does have an AV software/firewall active which could block the packets

depending on your network, another point could be the command

    snmp source-interface xxxx

on the device which could prevent the packets not to find their way to your NMS, thus it would be a routing issue

0 Helpful

vipinrajrc
Level 3
Level 3

‎03-17-2011 02:19 AM

Hi manoj,

This must be an ACL issue.. from the logs it is clear that SNMP packet is not receiving in server but it is sent from switch. So it must be an ACL issue.. use an ACL to unblock that UDP port to the server or that subnet...

one more thing.....

only this server is showing the issue???  R u sure that community string in the server and the switch are same???? Please revert .....

Thanks

Vipin

Thanks and Regards, Vipin
0 Helpful
Customers Also Viewed These Support Documents