configuring snmp on router.

Answered Question
Sep 22nd, 2012

Hi everybody.

I am trying to learn SMNP. My lab scenario is:

R1---ethernet-----NMS ( Orion by Solar wind)

What is minimum configuration required for SNMP?

According to link, shown below. this is minimum requirement:

http://www.techrepublic.com/blog/networking/configure-snmp-on-a-cisco-router-or-switch/283

Router(config)# snmp-server community MyCommunity972 RW

My question is we did not specify the how will R1 contact NMS i.e no ip address of NMS is configured ?

thanks and have a great weekend.

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 1 year 7 months ago

Hello Sarah,

that command can be enough.

SNMP works on a query/ response model  the SNMP get from the server is processed and answered if the server used the right snmp community in its request (like a password, better security and packet encryption is possible with SNMP v3).

SNMPv2c supports different communities for read only operations ( RO parameter) or  read-write ( read-write)

The command that you have used allow SNMP writing operations this means possible changes to device configuration via SNMP (RW parameter)

With this command an answer is provided whatever is the source IP address of the SNMP get if the router has a route to the source address.

To be noted a standard access-list can be specified on the same command to limit to what devices the router will answer by simply adding the access-list number.

If the ACL is provided the router will answer to SNMP with a source IP address permitted by the ACL.

To be noted the SNMP agent on the device is actually a "server" that provides information and the server acts as a client making queries.

see

http://www.cisco.com/en/US/docs/ios-xml/ios/snmp/command/nm-snmp-cr-s2.html#GUID-2F3F13E4-EE81-4590-871D-6AE1043473DE

The address of the server needs to be specified  for the router to be able to send SNMP traps ( UDP 162).

This is a different operating mode that allows a device to inform selected hosts of an event occurred on the device

Examples: link down on an interface, configuration change performed on the device, device reloaded

To specify the target server(s) for sending traps you need to use

snmp-server host

command

You can decide or to enable all possible traps or for scalability  to enable traps only for some categories of events.

these commands are available completing the command

snmp-server enable traps 

A good command to check snmp activity is

show snmp

http://www.cisco.com/en/US/docs/ios-xml/ios/snmp/command/nm-snmp-cr-s1.html#GUID-DD47EC38-39F0-44AB-B689-6ABC3F66A833

In short there are two operating modes for SNMP:

one is to answer to SNMP get  (queries) from NMS and it is enabled by the command you have seen

the other one via traps is to send information to NMS when an event (that is allowed to generate a trap)  occurs

Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (2 ratings)
Correct Answer
Giuseppe Larosa Sat, 09/22/2012 - 08:21

Hello Sarah,

that command can be enough.

SNMP works on a query/ response model  the SNMP get from the server is processed and answered if the server used the right snmp community in its request (like a password, better security and packet encryption is possible with SNMP v3).

SNMPv2c supports different communities for read only operations ( RO parameter) or  read-write ( read-write)

The command that you have used allow SNMP writing operations this means possible changes to device configuration via SNMP (RW parameter)

With this command an answer is provided whatever is the source IP address of the SNMP get if the router has a route to the source address.

To be noted a standard access-list can be specified on the same command to limit to what devices the router will answer by simply adding the access-list number.

If the ACL is provided the router will answer to SNMP with a source IP address permitted by the ACL.

To be noted the SNMP agent on the device is actually a "server" that provides information and the server acts as a client making queries.

see

http://www.cisco.com/en/US/docs/ios-xml/ios/snmp/command/nm-snmp-cr-s2.html#GUID-2F3F13E4-EE81-4590-871D-6AE1043473DE

The address of the server needs to be specified  for the router to be able to send SNMP traps ( UDP 162).

This is a different operating mode that allows a device to inform selected hosts of an event occurred on the device

Examples: link down on an interface, configuration change performed on the device, device reloaded

To specify the target server(s) for sending traps you need to use

snmp-server host

command

You can decide or to enable all possible traps or for scalability  to enable traps only for some categories of events.

these commands are available completing the command

snmp-server enable traps 

A good command to check snmp activity is

show snmp

http://www.cisco.com/en/US/docs/ios-xml/ios/snmp/command/nm-snmp-cr-s1.html#GUID-DD47EC38-39F0-44AB-B689-6ABC3F66A833

In short there are two operating modes for SNMP:

one is to answer to SNMP get  (queries) from NMS and it is enabled by the command you have seen

the other one via traps is to send information to NMS when an event (that is allowed to generate a trap)  occurs

Hope to help

Giuseppe

singhaam007 Mon, 09/24/2012 - 20:06

Hi Sarah,

you can add some config into your snmp poll if you want.

snmp-server community xxxxxx RO (this need to be read only ) just incase some one hacked it

snmp-server location xxxxxxxyour site addres

snmp-server contact xxxxxxxx you IT contact

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps transceiver all

snmp-server enable traps tty

snmp-server enable traps cluster

snmp-server enable traps entity

snmp-server enable traps cpu threshold

snmp-server enable traps rep

snmp-server enable traps vtp

snmp-server enable traps flash insertion removal

snmp-server enable traps port-security

snmp-server enable traps auth-framework sec-violation

snmp-server enable traps envmon fan shutdown supply temperature status

snmp-server enable traps storm-control trap-rate 100

snmp-server enable traps power-ethernet group 1

snmp-server enable traps power-ethernet police

snmp-server enable traps config-copy

snmp-server enable traps config

snmp-server enable traps config-ctid

snmp-server enable traps energywise

snmp-server enable traps bridge newroot topologychange

snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency

snmp-server enable traps syslog

snmp-server enable traps mac-notification change move threshold

snmp-server enable traps vlan-membership

snmp-server enable traps errdisable

snmp-server host

snmp-server host

thanks

Actions

Login or Register to take actions

This Discussion

Posted September 22, 2012 at 7:50 AM
Stats:
Replies:3 Avg. Rating:5
Views:718 Votes:0
Shares:0

Related Content

Discussions Leaderboard

Rank Username Points
1 15,007
2 8,155
3 7,730
4 7,083
5 6,742
Rank Username Points
140
72
69
65
45