Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

CTS System - SNMP Configuration

Configuring SNMP traps

  • CTS system

- This is a summary of configuration needed to succesfully configure CTS  system and CTS SNMP trap service to send alerts to a Linux server  running net-snmp.

As of CTS version 1.6, the settings required to configure SNMP protocol in CTS are configured via CUCM Administration.

These settings include SNMP v2c/3 monitoring and system traps

In order to configure CTS system to send SNMP notifications (traps) in  case specific events/errors occur in the system peripherals, is  necessary to enable an specific OID:

ctpPeripheralErrorNotifyEnable = 1.3.6.1.4.1.9.9.643.1.1.1.0

This OID will cause CTS to send or not notifications

You will need snmpwalk and snmpset utilities which you can obtain from here:

Windows:

http://www.elifulkerson.com/articles/net-snmp-windows-binary-unofficial.php

Linux systems:

http://www.net-snmp.org/download.html

  • If using SNMP v2c:

snmpset -m ALL -v2c -c readwrite 64.253.224.24 1.3.6.1.4.1.9.9.643.1.1.1.0 i 1

Please replace readwrite with the ReadWrite community string defined in CallManager
 
For left, right and presentation codecs:
 
snmpset -m ALL -v2c -c readwrite_cts2 172.28.28.63 1.3.6.1.4.1.9.9.643.1.1.1.0 i 1 

snmpset -m ALL -v2c -c readwrite_cts3 172.28.28.63 1.3.6.1.4.1.9.9.643.1.1.1.0 i 1

snmpset -m ALL -v2c -c readwrite_cts4 172.28.28.63 1.3.6.1.4.1.9.9.643.1.1.1.0 i 1

  
Use _cts4 for presentation codec (Note: that IP address is the same, we
just added _cts2,3 or 4 to the string)

  • If using SNMP v3:
snmpwalk -v 3 -u admin -l authnoPriv -a MD5 -A C1sco123 -m ALL 172.16.181.57 1.3.6.1.4.1.9.9.643.1.1.1.0
SNMPv2-SMI::enterprises.9.9.643.1.1.1.0 = INTEGER: 2

(Just change -A for the password configured in CUCM admin and change 172.16.181.57 for the CTS IP address)

Value 2, means that we are not going to send notifications (FALSE)

That's for the center codec

For left, right and presentation codecs:

snmpwalk -v 3 -n cts2 -u admin -l authnoPriv -a MD5 -A C1sco123 -m ALL 172.16.181.57 1.3.6.1.4.1.9.9.643.1.1.1.0
snmpwalk -v 3 -n cts3 -u admin -l authnoPriv -a MD5 -A C1sco123 -m ALL 172.16.181.57 1.3.6.1.4.1.9.9.643.1.1.1.0
snmpwalk -v 3 -n cts4 -u admin -l authnoPriv -a MD5 -A C1sco123 -m ALL 172.16.181.57 1.3.6.1.4.1.9.9.643.1.1.1.0

In case value is not correct:

For center, left, right and presentation codecs:

snmpset -v 3 -u admin -l authnoPriv -a MD5 -A C1sco123 -m ALL 172.16.181.57 1.3.6.1.4.1.9.9.643.1.1.1.0 i 1

snmpset -n cts2 -v 3 -u admin -l authnoPriv -a MD5 -A C1sco123 -m ALL 172.16.181.57 1.3.6.1.4.1.9.9.643.1.1.1.0 i 1

snmpset -n cts3 -v 3 -u admin -l authnoPriv -a MD5 -A C1sco123 -m ALL 172.16.181.57 1.3.6.1.4.1.9.9.643.1.1.1.0 i 1

snmpset -n cts4 -v 3 -u admin -l authnoPriv -a MD5 -A C1sco123 -m ALL 172.16.181.57 1.3.6.1.4.1.9.9.643.1.1.1.0 i 1

Save SNMP change in each codec:

utils snmp save

  • Trap server

- Download CTS MIB

 
ftp://ftp.cisco.com/pub/mibs/v2/CISCO-TELEPRESENCE-CALL-MIB.my
 

- Obtain CTS server fixed content Engine OID (E)

TBOS 1.2 uses fixed context engine ID of 0x8000DEECAFE8111BEEFADE which is the one we are going to use to capture TRAPS

A) You can obtain CTS security engine OID (e) by logging in via CTS GUI and check SNMP settings

B) You can get root access and verify the following:

Look at the last line in /snmp/snmpd.conf.

So by entering the following command, we can obtain the security engine ID (e)

cat /snmp/snmpd.conf

Last line:

0x80001f88030019aa043e58

0x80001f8803001d4526e27a

SNMP client side (trap handler)

Reference:

http://www.net-snmp.org/wiki/index.php?title=TUT:Configuring_snmptrapd_to_receive_SNMPv3_notifications&printable=yes

1) Verify the system SNMP configuration path:

[root@asteriskvnt snmp]#

net-snmp-config --snmpconfpath

/usr/local/etc/snmp:/usr/local/share/snmp:/usr/local/lib/snmp:/root/.snmp:/var/net-snmp

2) Edit snmptrapd.conf file (the path can be different)

vi /usr/local/etc/snmp/snmptrapd.conf

[root@asteriskvnt snmp]# cat snmptrapd.conf and add the fixed context engine (

msgAuthoritativeEngineID)

the other security settings should match what is configured in CUCM

createUser -e 0x8000DEECAFE8111BEEFADE trapuser MD5 "C1sco123" DES

authuser log trapuser

  • Testing Traps

Client

1) Start the SNMPtrapd daemon

snmptrapd -f -C -c /usr/local/etc/snmp/snmptrapd.conf -Le

[root@asteriskvnt snmp]#

snmptrapd -f -C -c /usr/local/etc/snmp/snmptrapd.conf -Le

NET-SNMP version 5.5.rc1

2) Open a new window in same server to test the traps (use same engine ID in snmptrapd.conf)

snmptrap -v 3 -u trapuser -l authnoPriv -a MD5 -A C1sco123 -e 0x80001f88030019aa043e58 localhost 0 linkUp.0

For CTS:

Restart SNMP Service from CLI or generate trap

utils service restart SNMP_Srvr

check if trap is received from SNMP trap client

tcpdump -s 0 -i eth0 host 172.16.181.57 -vv

3) In client side you will see:

[root@asteriskvnt ~]#

snmptrapd -f -C -c /usr/local/etc/snmp/snmptrapd.conf -Lo

NET-SNMP version 5.5.rc1

2009-09-11 18:50:10  [UDP: [172.16.181.57]:32780->[172.16.102.55]]:

DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (43347) 0:07:13.47      SNMPv2-MIB::snmpTrapOID.0 = OID: NET-SNMP-AGENT-MIB::nsNotifyShutdown    SNMPv2-MIB::snmpTrapEnterprise.0 = OID:  NET-SNMP-MIB::netSnmpNotificationPrefix

2009-09-11 18:50:19  [UDP: [172.16.181.57]:32781->[172.16.102.55]]:

DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (89) 0:00:00.89         SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-MIB::coldStart   SNMPv2-MIB::snmpTrapEnterprise.0 = OID:  NET-SNMP-MIB::netSnmpAgentOIDs.10

  • Troubleshooting

On either the server or the client side, enter:

tcpdump -s 0 -i eth0 host 172.16.181.57 -vv
tcpdump -s 0 -i eth0 udp port 162 -vvvv

In case you dont have root access of codec, use new utils network  capture command (available in CTS 1.6) to examine any incoming packets.

On the server side,  verify local traps are handled

snmptrap -v 3 -u trapuser -l authnoPriv -a MD5 -A C1sco123 -e 8000DEECAFE8111BEEFADE 0 linkUp.0

to see whether a field has been update or not.

Also on the server side,

ps -aef | grep snmp

to make sure SNMP daemon is alive.

Version history
Revision #:
1 of 1
Last update:
‎10-20-2010 09:47 AM
Updated by:
 
Labels (1)