SNMP-TRAPS - Page 2

philrattenborg · ‎10-02-2009

I am trying to get my Catalyst 3550 to send snmp-traps for vlan-membership changes. I believe I have the correct syntax in the configuration because I can change traps to config and I get the trap messages but not for vlan-membership changes. I have posted part of the config. Is there something I am missing???

snmp-server engineID local

snmp-server community phil RW

snmp-server enable traps vlan-membership

snmp-server host 192.168.11.100 phil vlan-membership

Joe Clarke · ‎10-02-2009

If you move to 12.2(52)SE, you will get EEM 3.2 which offers a lot of capabilities to create custom SNMP traps and syslog messages. For example, here is a simple applet which will send out a trap when a new MAC is learned on the non-default VLAN:

event manager environment default_vlan 1

event manager applet port-vlan-notif

event event mat interface regexp .*Ethernet.* type add

action 001 cli command "show interface $_mat_intf_name switchport | include Access Mode VLAN"

action 002 regexp ": ([0-9]+) " "$_cli_result" ignore vlan_num

action 003 if $vlan_num ne $default_vlan

action 004 snmp-trap strdata "Interface $_mat_intf_name has VLAN $vlan_num"

action 005 end

You could trigger an EEM policy on other events as well. For example, you could also trigger an event on a config change, and send a trap if a port's VLAN is changed by an interactive user. This type of policy would be a little more complicated, but there is an example which could be adapted at http://forums.cisco.com/eforum/servlet/EEM?page=eem&fn=script&scriptId=1103 .

Lucien Avramov · ‎10-02-2009

The way we track this is with linkup linkdown trap and mac-address notifications trap. Are you using NAC / Clean-access? That is what NAC is tracking.