Sending SNMP traps

pweinhold · ‎07-13-2009

I'm trying to configure a switch to send traps to our network management system. To test it, I'm trying to send traps for creating new VLANs. I've configured it like this:

snmp-server community [RO_comm_string] RO

snmp-server community [RW_comm_string] RW

snmp-server enable traps vlancreate

snmp-server host xxx.xxx.xxx.xxx [RO_comm_string]

Is there anything missing from my config? The Cisco documentation says I also have to configure an engineID, an snmp-server user and an snmp group, but I've seen other documentation that says I only have to configure the NMS server and the traps that I want to enable (which is what I've done in they config above).

Thanks.

Joe Clarke · ‎07-13-2009

This configuration is fine for sending SNMPv1 traps to a management server.

pweinhold · ‎07-13-2009

Okay, but our NMS is configured to use v2. Is there a way of verifying whether the switch is using v1 or v2?

Joe Clarke · ‎07-13-2009

Sure, you can add "version 2c" to your snmp-server host line:

snmp-server host x.x.x.x traps version 2c COMMUNITY

Marvin Rhoads · ‎07-13-2009

From the Common Services User guide:

Select Device Diagnostic Tools > Device Center.

Step 2 Enter the name or IP address, fully qualified domain name, or hostname of the device you want to check

in the Device Selector field and click Go.

Or

Select the device from the list tree.

The Summary and Functions Available panes appear.

Step 3 Click Management Station to Device in the Functions Available pane.

The Management Station to Device dialog box appears.

Step 4 Select the connectivity applications you want to select.

All information you enter in the fields are case sensitive.

If you select SNMP v1/v2c, you should:

â€¢ Select either SNMP v1 or v2c. The default is SNMP v2c.

â€¢ Enter the Read Community String.

â€¢ Enter the Write Community String.

â€¢ Enter the Time out in seconds. The default is 2 seconds.

...

Step 5 Enter the Timeout in seconds and click OK.

The default is 2 seconds.

The Interface Test Results popup displays the results. The Interface Details results screen shows the

interfaces tested and the test results for each option.

Hope this helps.

pweinhold · ‎07-13-2009

I think you're talking about CiscoWorks, correct? We're actually using SolarWinds NCM, but thanks for the input nonetheless.

Marvin Rhoads · ‎07-13-2009

Oh, I incorrectly assumed you had a CiscoWorks. I don't have a copy of Soalrwinds NCM to check for equivalent functionality, but you can always just use a network analyzer to look at the packets flowing between your management station and the device and examine them for snmp v2 protocol usage.

Since Solarwinds is Windows-based, you can use any of several free protocol analyzers (if you don't already have one). Look at Wireshark (formerly Ethereal) or Microsoft Network monitor.

http://www.wireshark.org/

http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en

Hope this helps. Please rate helpful posts.

Marvin Rhoads · ‎07-13-2009

As noted in the command reference (http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_20.html),

- re EngineID:

"The SNMP engine ID is a unique string used to identify the device for administration purposes. You do not need to specify an engine ID for the device; a default string is generated using Cisco's enterprise number (1.3.6.1.4.1.9) and the mac address of the first interface on the device. For further details on the SNMP engine ID, see RFC 2571."

- re snmp-server group:

"When a community string is configured internally, two groups with the name public are autogenerated, one for the v1 security model and the other for the v2c security model."

In other words, if you are OK with the "public" group, there's no need to create additional groups.

- re snmp-server user

That command is only necessary when further securing snmp using, for example: snmp-server groups, passwords, and access-lists.

Hope this helps.