Re: Understanding SNMP Messages

Hawk · ‎05-07-2018

I'm trying to understand SNMP the way its configured in my environment. I have 2 router configurations below & when I lookup SNMP I see that both the monitored node (agent) & the monitoring system (manager) can initiate SNMP messages. In the Cisco diagram I pasted below & other diagrams I've lookup also show that when a Manager is polling an agent, the Manager is initiating the traffic. The diagram also shows that when an Agent sends a trap to a manager, the Agent is initiating the traffic. I am trying to understand what firewall rules need to be created to allow SNMP communication from my routers to my SNMP Monitoring System. Right now I am assuming both the routers & the Monitoring system need to be able to initiate traffic & 2 rules will need to be created based on the configs I have & how SNMP works.

CONFIG #1

snmp-server community p@ssword RO 50
snmp-server trap-source GigabitEthernet0/0/0
snmp-server location New York
snmp-server contact noc@support.com
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps tty

CONFIG #2

snmp-server community p@ssword RO 50
snmp-server location Chicago
snmp-server contact noc@support.com
snmp-server enable traps entity-sensor threshold

Ben Walters · ‎05-07-2018

You are correct, there are 2 rules required for this operation.

1. Monitor Server --> Routers - This allows the server to initiate SNMP polling to the router to obtain SNMP information (CPU/memory/fans/etc.)

2. Routers --> Monitor Server - This allows the routers to send trap messages to the SNMP monitor server when an alert is created on the router based on what you set up.

Understanding SNMP Messages

Understanding IKEv2 Protocol

Understanding FlexVPNs

ASR9000/XR: Understanding SNMP and troubleshooting

FMC/FTD: Syslog messages の確認方法 [中上級者向け]

Re: Understanding the differences between the Cisco password \ secret