ā09-22-2012 07:50 AM - edited ā03-07-2019 09:01 AM
Hi everybody.
I am trying to learn SMNP. My lab scenario is:
R1---ethernet-----NMS ( Orion by Solar wind)
What is minimum configuration required for SNMP?
According to link, shown below. this is minimum requirement:
http://www.techrepublic.com/blog/networking/configure-snmp-on-a-cisco-router-or-switch/283
Router(config)# snmp-server community MyCommunity972 RW
My question is we did not specify the how will R1 contact NMS i.e no ip address of NMS is configured ?
thanks and have a great weekend.
Solved! Go to Solution.
ā09-22-2012 08:21 AM
Hello Sarah,
that command can be enough.
SNMP works on a query/ response model the SNMP get from the server is processed and answered if the server used the right snmp community in its request (like a password, better security and packet encryption is possible with SNMP v3).
SNMPv2c supports different communities for read only operations ( RO parameter) or read-write ( read-write)
The command that you have used allow SNMP writing operations this means possible changes to device configuration via SNMP (RW parameter)
With this command an answer is provided whatever is the source IP address of the SNMP get if the router has a route to the source address.
To be noted a standard access-list can be specified on the same command to limit to what devices the router will answer by simply adding the access-list number.
If the ACL is provided the router will answer to SNMP with a source IP address permitted by the ACL.
To be noted the SNMP agent on the device is actually a "server" that provides information and the server acts as a client making queries.
see
The address of the server needs to be specified for the router to be able to send SNMP traps ( UDP 162).
This is a different operating mode that allows a device to inform selected hosts of an event occurred on the device
Examples: link down on an interface, configuration change performed on the device, device reloaded
To specify the target server(s) for sending traps you need to use
snmp-server host
command
You can decide or to enable all possible traps or for scalability to enable traps only for some categories of events.
these commands are available completing the command
snmp-server enable traps
A good command to check snmp activity is
show snmp
In short there are two operating modes for SNMP:
one is to answer to SNMP get (queries) from NMS and it is enabled by the command you have seen
the other one via traps is to send information to NMS when an event (that is allowed to generate a trap) occurs
Hope to help
Giuseppe
ā09-22-2012 08:21 AM
Hello Sarah,
that command can be enough.
SNMP works on a query/ response model the SNMP get from the server is processed and answered if the server used the right snmp community in its request (like a password, better security and packet encryption is possible with SNMP v3).
SNMPv2c supports different communities for read only operations ( RO parameter) or read-write ( read-write)
The command that you have used allow SNMP writing operations this means possible changes to device configuration via SNMP (RW parameter)
With this command an answer is provided whatever is the source IP address of the SNMP get if the router has a route to the source address.
To be noted a standard access-list can be specified on the same command to limit to what devices the router will answer by simply adding the access-list number.
If the ACL is provided the router will answer to SNMP with a source IP address permitted by the ACL.
To be noted the SNMP agent on the device is actually a "server" that provides information and the server acts as a client making queries.
see
The address of the server needs to be specified for the router to be able to send SNMP traps ( UDP 162).
This is a different operating mode that allows a device to inform selected hosts of an event occurred on the device
Examples: link down on an interface, configuration change performed on the device, device reloaded
To specify the target server(s) for sending traps you need to use
snmp-server host
command
You can decide or to enable all possible traps or for scalability to enable traps only for some categories of events.
these commands are available completing the command
snmp-server enable traps
A good command to check snmp activity is
show snmp
In short there are two operating modes for SNMP:
one is to answer to SNMP get (queries) from NMS and it is enabled by the command you have seen
the other one via traps is to send information to NMS when an event (that is allowed to generate a trap) occurs
Hope to help
Giuseppe
ā09-22-2012 11:03 AM
thanks Giuseppe
ā09-24-2012 08:06 PM
Hi Sarah,
you can add some config into your snmp poll if you want.
snmp-server community xxxxxx RO (this need to be read only ) just incase some one hacked it
snmp-server location xxxxxxxyour site addres
snmp-server contact xxxxxxxx you IT contact
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps transceiver all
snmp-server enable traps tty
snmp-server enable traps cluster
snmp-server enable traps entity
snmp-server enable traps cpu threshold
snmp-server enable traps rep
snmp-server enable traps vtp
snmp-server enable traps flash insertion removal
snmp-server enable traps port-security
snmp-server enable traps auth-framework sec-violation
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps storm-control trap-rate 100
snmp-server enable traps power-ethernet group 1
snmp-server enable traps power-ethernet police
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps energywise
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps syslog
snmp-server enable traps mac-notification change move threshold
snmp-server enable traps vlan-membership
snmp-server enable traps errdisable
snmp-server host
snmp-server host
thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide