02-23-2009 04:21 PM
Hi,
Does anyone know what version of SNMP traps are supported on CatOS? Ideally, I want to be able to configure SNMPv3, but it seems as though I can only find examples of configuration for SNMPv1. Can anyone assist? The config I have applied for SNMPv1 is:
set snmp trap 1.1.1.1 string
set snmp trap enable all
Thanks,
goulin
Solved! Go to Solution.
02-24-2009 03:55 PM
Your targetparams name is wrong. You have "set targetparams ip" when it should be "set targetparams p1". Other than that, this looks right to me. I have this working on a 6500 running 8.5(3), but I do not have a Cat4K on which to test.
02-23-2009 05:04 PM
CatOS supports v1, v2c, and v3 traps after 5.4. See http://www.cisco.com/en/US/docs/switches/lan/catalyst5000/catos/6.x/configuration/guide/snmp.html#wp1022235 for more details.
02-23-2009 05:08 PM
I can't seem to configure SNMPv2c traps though - and I followed this document to configure SNMPv3 traps, yet when I performed a capture, the switch was not sending these out.
The config I tried for SNMPv3 is:
set snmp view videfault 1 included
set snmp access group1 security-model v3 authentication read videfault write videfault notify videfault
set snmp notify notifytable1 tag router trap
set snmp targetaddr PC param p1 10.49.31.173
set snmp targetparams p1 user snmp3_user security-model v3 message-processing v3 authentication
set snmp user snmp3_user authentication sha testtest
set snmp group group1 user snmp3_user security-model v3
02-23-2009 10:32 PM
This looks mostly right. You're missing an important argument on your targetaddr, though. Make sure you configure:
set snmp targetaddr PC param p1 tag router
02-23-2009 10:41 PM
Is that for v2c or v3? I actually have both the targetaddr and targetparams configured, yet I can't get it to work.
02-23-2009 10:48 PM
That is for v3. For v2c, just configure:
set snmp trap 10.1.1.1 public version 2c
02-23-2009 10:51 PM
The thing is, the version of CatOS I am running does not have the version 2c option after the set snmp trap
http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.3and8.4glx/configuration/guide/snmp.html#wp1046035')">http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.3and8.4glx/configuration/guide/snmp.html#wp1046035
When configuring the host, it sends v1 by default.
02-23-2009 10:54 PM
What version of CatOS are you using?
02-23-2009 10:57 PM
I am using v8.4(11)GLX for a Cisco 4006. The link I posted should refer to the release notes for that hardware and that specific CatOS version.
02-23-2009 11:12 PM
Okay, on the Cat4K, you need to do something SNMPv3-like to enable v2c traps:
set snmp group v2cgroup user v2cuser security-model v2c non
set snmp notify not1 tag v2ctrap trap
set snmp targetpar p1 user v2cuser security-model v2c message v2c non
set snmp targetaddr addr2 param p1 10.1.1.1 udpport 162 udpmask 0
taglist v2ctrap
02-24-2009 03:49 PM
Ok, I tried that but I still coulf not get it to send v2c traps.
Nevertheless, I am really wanting to send SNMPv3 traps with AuthNoPriv. The exact configuration I have for SNMP is:
set snmp user user1v3 authentication sha XXXXX
set snmp community read-only public
set snmp view videfault 1 included nonvolatile
set snmp access group1v3 security-model v3 authentication read videfault write videfault notify videfault nonvolatile
set snmp notify notifytable1 tag routers trap nonvolatile
set snmp targetaddr CAM param p1 10.49.31.173 udpport 162 maxmsgsize 484 timeout 1500 retries 3 nonvolatile taglist routers
set snmp targetparams ip user user1v3 security-model v3 message-processing v3 authentication
set snmp group group1v3 user user1v3 security-model v3 nonvolatile
set snmp trap enable all
set snmp trap 10.49.31.173 traps port 162 owner CLI index 1
With the last line in, it sends SNMPv1 traps to 10.49.31.173. When I remove the last line, it does not send SNMPv3 traps (which is what I thought the above config would do without that line and what the documentation seems to suggest).
I could be missing something... any ideas?
02-24-2009 03:55 PM
Your targetparams name is wrong. You have "set targetparams ip" when it should be "set targetparams p1". Other than that, this looks right to me. I have this working on a 6500 running 8.5(3), but I do not have a Cat4K on which to test.
02-24-2009 03:58 PM
Grr, found what I was missing. I've been playing around so much that the params were different between the targetparams and targetaddr statements.
Initially, my issue before I started playing around was that I did not have the 'taglist' command at the end of the targetaddr command, which is probably what it was not sending any traps.
Thanks for your help
03-02-2009 01:44 PM
Ok... officially, the CatOS 8.4(11)GLX for Cisco 4000's sucks. SNMPv3 traps just stopped working all of a sudden. Also, SNMPv3 read/write works for around 2 hours, and then stops working. Looks like I have to use SNMPv1 or 2c.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: