Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3012
Views
0
Helpful
4
Replies

vEdge SNMP

Go to solution
fakrulalam
Level 1
Level 1

‎04-09-2020 07:42 AM

Hi,

 

I have enabled SNMP in vEdge device; but SNMP query is not working from the NMS. I have tried with snmpwalk/snmpget but no response. SNMP config:

 

snmp
no shutdown
view v2
oid 1.3.6.1
oid 1.3.6.1.*
!
community read-only
view v2
authorization read-only
!
group v2 auth-priv
view v2
!
user snmp
auth md5
auth-password $8$gWGxXKchTONylD1IAvgkxUunkBiBQ54EtREVDmRUO7E=
priv aes-cfb-128
priv-password $8$UrhE2PeFJd+Bl/OnSwYqR76JKs71PQV3gmqt/0XMZ+w=
group v2

Anything missing?

 

Thanks

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
elesani
Cisco Employee
Cisco Employee
In response to fakrulalam

‎04-15-2020 09:09 AM

Hi Fakrul,

 
VPN512 would be the most recommended segment to handle network management traffic across the fabric. 
I can think of one solution, still you have to get a shot to make sure if it works:
 
You can create a new IPv4 ACL (consider ingress for the transport interface) to permit SNMP traffic, then apply that to the ingress direction as per below:
 
Feature Templates: VPN Interface Ethernet | ACL/QOS | Ingress ACL - IPv4
 
Please try the above workaround and let me know if it works.
 
Regards,
Ehsan

View solution in original post

0 Helpful
4 Replies 4

Go to solution
RohitRaj03827
Spotlight
Spotlight

‎04-13-2020 08:24 PM

Hello fakrulalam,

 

Please use following commands for SNMP configuration for vEdge:- 

 

snmp
no shutdown
view v2
oid 1.3.6.1
!
community private
view v2
authorization read-only
!
trap target vpn 0 10.0.1.1 16662 

 

!(please udp port number 16662 for snmp configuration of viptela devices ) (I have targeted vpn 0, however you can target vpn 1 as well as , depends upon your requirements, 10.0.1.1= snmp server address)

 

group-name Cisco
community-name private
!
trap group test
all
level critical major minor
exit
exit

==========================================================================================

Please mark this post solve and hit on helpful button, if this post has answered your query.

 

 

Regards.

Rohit Raj

 

Regards,
Rohit Raj
0 Helpful

Go to solution
elesani
Cisco Employee
Cisco Employee

‎04-14-2020 06:47 PM

How your NMS reach out to Edge devices? Is it using VPN512 - or a configured management VPN or are you using Transport VPN?
If using Transport VPN, be mindful of Implicit ACL applied as part of Transport Interface nature in Cisco SD-WAN fabric.
0 Helpful

Go to solution
fakrulalam
Level 1
Level 1
In response to elesani

‎04-15-2020 12:03 AM

Hi Elesani,

 

Yes, I am trying VPN 0 (Transport VPN). VPN512 works fine. Is there any option to allow SNMP in the transport interface?

 

Thanks

Fakrul.

0 Helpful

Go to solution
elesani
Cisco Employee
Cisco Employee
In response to fakrulalam

‎04-15-2020 09:09 AM

Hi Fakrul,

 
VPN512 would be the most recommended segment to handle network management traffic across the fabric. 
I can think of one solution, still you have to get a shot to make sure if it works:
 
You can create a new IPv4 ACL (consider ingress for the transport interface) to permit SNMP traffic, then apply that to the ingress direction as per below:
 
Feature Templates: VPN Interface Ethernet | ACL/QOS | Ingress ACL - IPv4
 
Please try the above workaround and let me know if it works.
 
Regards,
Ehsan
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents