I read that SNMP is not a mapped as flows on CSS by default. Thus, I can't see SNMP traffic via "flow statics".
I have SW's behind CSS's setup as services, and my SNMP server cannot reach to the SW's that are behind the CSS.
ip address 192.168.213.3 255.255.255.0
ip virtual-router 213 preempt
ip redundant-vip 213 192.168.213.251
ip redundant-vip 213 192.168.213.252
ip address 192.168.50.14 255.255.255.0
ip virtual-router 50 preempt
ip redundant-interface 50 192.168.50.15
ip address 192.168.50.251
ip address 192.168.50.252
vip address 192.168.213.251
add service SW1
vip address 192.168.213.252
add service SW2
Should I just remove the SW IP's as services and permit SNMP server to reach the real IP (i.e., no NAT)?
Or do I enable SNMP flows (i.e., flow-state 161 udp flow-enable)?
With the example config you posted, you really aren't load balancing anyway, since you have only one service per VIP. Therefore, it seems like it would be simpler to just let the server connect directly to the real IP addresses of the two SNMP hosts through the CSS. The CSS will simply route or switch the UDP packets as necessary.
Unless I'm missing something, using the VIPs is just adding unnecessary complexity.
Hope this helps,