cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2877
Views
0
Helpful
13
Replies

SNMP Trap Support On CatOS

goulin
Level 1
Level 1

Hi,

Does anyone know what version of SNMP traps are supported on CatOS? Ideally, I want to be able to configure SNMPv3, but it seems as though I can only find examples of configuration for SNMPv1. Can anyone assist? The config I have applied for SNMPv1 is:

set snmp trap 1.1.1.1 string

set snmp trap enable all

Thanks,

goulin

1 Accepted Solution

Accepted Solutions

Your targetparams name is wrong. You have "set targetparams ip" when it should be "set targetparams p1". Other than that, this looks right to me. I have this working on a 6500 running 8.5(3), but I do not have a Cat4K on which to test.

View solution in original post

13 Replies 13

Joe Clarke
Cisco Employee
Cisco Employee

CatOS supports v1, v2c, and v3 traps after 5.4. See http://www.cisco.com/en/US/docs/switches/lan/catalyst5000/catos/6.x/configuration/guide/snmp.html#wp1022235 for more details.

I can't seem to configure SNMPv2c traps though - and I followed this document to configure SNMPv3 traps, yet when I performed a capture, the switch was not sending these out.

The config I tried for SNMPv3 is:

set snmp view videfault 1 included

set snmp access group1 security-model v3 authentication read videfault write videfault notify videfault

set snmp notify notifytable1 tag router trap

set snmp targetaddr PC param p1 10.49.31.173

set snmp targetparams p1 user snmp3_user security-model v3 message-processing v3 authentication

set snmp user snmp3_user authentication sha testtest

set snmp group group1 user snmp3_user security-model v3

This looks mostly right. You're missing an important argument on your targetaddr, though. Make sure you configure:

set snmp targetaddr PC param p1 tag router

Is that for v2c or v3? I actually have both the targetaddr and targetparams configured, yet I can't get it to work.

That is for v3. For v2c, just configure:

set snmp trap 10.1.1.1 public version 2c

The thing is, the version of CatOS I am running does not have the version 2c option after the set snmp trap . It does not seem to allow you to specify a version to set traps, which is why I was confused, because I was following the release notes for the CatOS version I am running:

http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.3and8.4glx/configuration/guide/snmp.html#wp1046035')">http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.3and8.4glx/configuration/guide/snmp.html#wp1046035

When configuring the host, it sends v1 by default.

What version of CatOS are you using?

I am using v8.4(11)GLX for a Cisco 4006. The link I posted should refer to the release notes for that hardware and that specific CatOS version.

Okay, on the Cat4K, you need to do something SNMPv3-like to enable v2c traps:

set snmp group v2cgroup user v2cuser security-model v2c non

set snmp notify not1 tag v2ctrap trap

set snmp targetpar p1 user v2cuser security-model v2c message v2c non

set snmp targetaddr addr2 param p1 10.1.1.1 udpport 162 udpmask 0

taglist v2ctrap

Ok, I tried that but I still coulf not get it to send v2c traps.

Nevertheless, I am really wanting to send SNMPv3 traps with AuthNoPriv. The exact configuration I have for SNMP is:

set snmp user user1v3 authentication sha XXXXX

set snmp community read-only public

set snmp view videfault 1 included nonvolatile

set snmp access group1v3 security-model v3 authentication read videfault write videfault notify videfault nonvolatile

set snmp notify notifytable1 tag routers trap nonvolatile

set snmp targetaddr CAM param p1 10.49.31.173 udpport 162 maxmsgsize 484 timeout 1500 retries 3 nonvolatile taglist routers

set snmp targetparams ip user user1v3 security-model v3 message-processing v3 authentication

set snmp group group1v3 user user1v3 security-model v3 nonvolatile

set snmp trap enable all

set snmp trap 10.49.31.173 traps port 162 owner CLI index 1

With the last line in, it sends SNMPv1 traps to 10.49.31.173. When I remove the last line, it does not send SNMPv3 traps (which is what I thought the above config would do without that line and what the documentation seems to suggest).

I could be missing something... any ideas?

Your targetparams name is wrong. You have "set targetparams ip" when it should be "set targetparams p1". Other than that, this looks right to me. I have this working on a 6500 running 8.5(3), but I do not have a Cat4K on which to test.

Grr, found what I was missing. I've been playing around so much that the params were different between the targetparams and targetaddr statements.

Initially, my issue before I started playing around was that I did not have the 'taglist' command at the end of the targetaddr command, which is probably what it was not sending any traps.

Thanks for your help

Ok... officially, the CatOS 8.4(11)GLX for Cisco 4000's sucks. SNMPv3 traps just stopped working all of a sudden. Also, SNMPv3 read/write works for around 2 hours, and then stops working. Looks like I have to use SNMPv1 or 2c.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: