cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Choose one of the topics below for SD-WAN Resources to help you on your journey with SD-WAN

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.

277
Views
0
Helpful
4
Replies
Highlighted
Beginner

vEdge SNMP

Hi,

 

I have enabled SNMP in vEdge device; but SNMP query is not working from the NMS. I have tried with snmpwalk/snmpget but no response. SNMP config:

 

snmp
no shutdown
view v2
oid 1.3.6.1
oid 1.3.6.1.*
!
community read-only
view v2
authorization read-only
!
group v2 auth-priv
view v2
!
user snmp
auth md5
auth-password $8$gWGxXKchTONylD1IAvgkxUunkBiBQ54EtREVDmRUO7E=
priv aes-cfb-128
priv-password $8$UrhE2PeFJd+Bl/OnSwYqR76JKs71PQV3gmqt/0XMZ+w=
group v2

Anything missing?

 

Thanks

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Re: vEdge SNMP

Hi Fakrul,

 
VPN512 would be the most recommended segment to handle network management traffic across the fabric. 
I can think of one solution, still you have to get a shot to make sure if it works:
 
You can create a new IPv4 ACL (consider ingress for the transport interface) to permit SNMP traffic, then apply that to the ingress direction as per below:
 
Feature Templates: VPN Interface Ethernet | ACL/QOS | Ingress ACL - IPv4
 
Please try the above workaround and let me know if it works.
 
Regards,
Ehsan

View solution in original post

4 REPLIES 4
Highlighted
Beginner

Re: vEdge SNMP

Hello fakrulalam,

 

Please use following commands for SNMP configuration for vEdge:- 

 

snmp
no shutdown
view v2
oid 1.3.6.1
!
community private
view v2
authorization read-only
!
trap target vpn 0 10.0.1.1 16662 

 

!(please udp port number 16662 for snmp configuration of viptela devices ) (I have targeted vpn 0, however you can target vpn 1 as well as , depends upon your requirements, 10.0.1.1= snmp server address)

 

group-name Cisco
community-name private
!
trap group test
all
level critical major minor
exit
exit

==========================================================================================

Please mark this post solve and hit on helpful button, if this post has answered your query.

 

 

Regards.

Rohit Raj

 

Regards,
Rohit Raj
Everyone's tags (1)
Highlighted
Cisco Employee

Re: vEdge SNMP

How your NMS reach out to Edge devices? Is it using VPN512 - or a configured management VPN or are you using Transport VPN?
If using Transport VPN, be mindful of Implicit ACL applied as part of Transport Interface nature in Cisco SD-WAN fabric.
Highlighted
Beginner

Re: vEdge SNMP

Hi Elesani,

 

Yes, I am trying VPN 0 (Transport VPN). VPN512 works fine. Is there any option to allow SNMP in the transport interface?

 

Thanks

Fakrul.

Highlighted
Cisco Employee

Re: vEdge SNMP

Hi Fakrul,

 
VPN512 would be the most recommended segment to handle network management traffic across the fabric. 
I can think of one solution, still you have to get a shot to make sure if it works:
 
You can create a new IPv4 ACL (consider ingress for the transport interface) to permit SNMP traffic, then apply that to the ingress direction as per below:
 
Feature Templates: VPN Interface Ethernet | ACL/QOS | Ingress ACL - IPv4
 
Please try the above workaround and let me know if it works.
 
Regards,
Ehsan

View solution in original post