Configuring SNMP. Understanding SNMP CHAPTER

Similar documents
Configuring SNMP. Understanding SNMP CHAPTER

For complete syntax and usage information for the commands used in this chapter, see the Cisco IOS Configuration Fundamentals Command Reference

Configuring Simple Network Management Protocol

Configuring SNMP. Understanding SNMP CHAPTER

Configuring SNMP. Understanding SNMP CHAPTER

Configuring SNMP CHAPTER. This chapter describes how to configure the Simple Network Management Protocol (SNMP) on your access point.

Configuring SNMP. Understanding SNMP CHAPTER

Configuring SNMP. Finding Feature Information. Prerequisites for SNMP

0] Chapter 2 Cisco ME 3400E Ethernet Access Switch Cisco IOS Commands shutdown. This command has no arguments or keywords.

2V] Chapter 2 Catalyst 3560 Switch Cisco IOS Commands shutdown. This command has no arguments or keywords.

SNMP Server Commands

SNMP Server Commands

Configuring SNMP. About SNMP. SNMP Functional Overview

SNMP Configuration Guide

SNMPv3 Community MIB Support

Restrictions for SNMP use on Cisco IOS XR Software

Periodic MIB Data Collection and Transfer Mechanism

SNMP Commands CHAPTER

Configuring SNMP. Information About SNMP. SNMP Functional Overview. This chapter contains the following sections:

SNMP Configuration Guide, Cisco IOS Release 12.4T

Configure SNMP. Understand SNMP. This chapter explains Simple Network Management Protocol (SNMP) as implemented by Cisco NCS 4000 series.

CLI to MIB Trap Mapping and SNMPv3 Configuration

Configuring Embedded Resource Manager-MIB

Table of Contents. Cisco Cisco IOS SNMP Traps Supported and How to Configure Them

Monitoring and Managing the Cisco MWR 2941 Router

Configuring SNMP. Send documentation comments to CHAPTER

action (event) through rising (test threshold)

Configuring Periodic MIB Data Collection and Transfer on the Cisco IOS XR Software

MPLS VPN MIB Support. Cisco IOS Release 12.0(24)S1 1

!! Last configuration change at 16:04:19 UTC Tue Feb by zdrillin! NVRAM config last updated at 21:07:18 UTC Thu Feb ! version 12.

Setting Up Physical Inventory

Command Manual SNMP-RMON. Table of Contents

Table of Contents 1 SNMP Configuration Commands RMON Configuration Commands 2-1

Configuring Port-Based Traffic Control

Table of Contents. 2 MIB Configuration Commands 2-1 display mib-style 2-1 mib-style 2-1

Device Configuration Tasks for VNE Creation

Table of Contents Chapter 1 SNMP Configuration Commands

Operation Manual SNMP. Table of Contents

SNMP Simple Network Management Protocol

Table of Contents. 2 MIB Style Configuration 2-1 Setting the MIB Style 2-1 Displaying and Maintaining MIB 2-1

MIB Persistence. Finding Feature Information. Information about MIB Persistence. MIB Persistence

SNMP Support on NFVIS

Configuring Web Cache Services By Using WCCP

The Security feature available on the ME 1200 Web GUI allows you to set the security configurations for

Prerequisites for AES and 3-DES Encryption Support for SNMP. Version 3. Finding Feature Information

2.2 Cisco IOS Commands for the Catalyst 4500 Series Switches snmp ifindex clear. This command has no arguments or keywords.

Monitoring. Ping CHAPTER

SNMP CEF-MIB Support

Configuring the Management Interface and Security

Table of Contents. 2 MIB Style Configuration 2-1 Overview 2-1 Setting the MIB Style 2-1 Displaying and Maintaining MIB 2-1

Chapter 3 Managing System Settings

Configuring Port-Based Traffic Control

Table of Contents. 2 MIB Configuration Commands 2-1 MIB Configuration Commands 2-1 display mib-style 2-1 mib-style 2-1

DES-3010F / DES-3010G / DES-3018 / DES-3026

Implementing IPv6 for Network Management

Implementing IPv6 for Network Management

Simple Network Management Protocol

Configuring RMON. Understanding RMON CHAPTER

MPLS Traffic Engineering (TE) MIB

SNMP Agent Setup. Simple Network Management Protocol Support. SNMP Basics

Configuring Cache Services Using the Web Cache Communication Protocol

Configuring SNMP. Information About SNMP CHAPTER

Configuring Embedded Event Manager

Operation Manual SNMP-RMON H3C S3610&S5510 Series Ethernet Switches. Table of Contents

SNMP Support on NFVIS

Setting Up the MPLS VPN Environment

CPU Thresholding Notification

Configuring Port-Based Traffic Control

Data Collection Manager Command Reference

DGS Layer 2 Switch. Command Line Interface Reference Manual 6DGS3024C.04 RECYCLABLE. Fourth Edition (August 2006)

Configuring VLANs. Finding Feature Information. Prerequisites for VLANs

Configuring Interface Characteristics

Configure Site Network Settings

Numerics INDEX. 2.4-GHz WMIC, contrasted with 4.9-GHz WMIC g 3-6, x authentication 4-13

CHAPTER. Introduction

snmp-server enable traps ospf cisco-specific state-change through snmp-server enable traps voice poor-qov

Implementing IPv6 for Network Management

Configuring sflow. Information About sflow. sflow Agent. This chapter contains the following sections:

A small introduction to SNMPv3 and how it works with Network Node Manager -i

Configuring Simple Network Management Protocol (SNMP)

Managing Switch Stacks

Configuring Interfaces

Configuring SNMP. Information about SNMP CHAPTER

Discover Your Network

Configuring System MTU

Configuring Data Collection Manager

The Discovery Wizard now provides the ability to create SNMP Setups that can be selected for individual discoveries. An SNMP Setup specifies:

Configuring IP Multicast Routing

Switches running the LAN Base feature set support only static routing on SVIs.

Configuring Port-Based Traffic Control

Configuring Interfaces

Equivalencia. - Cisco vs Huawei -

Configuring IGMP Snooping and Filtering

Configuring ATM SNMP Trap and OAM Enhancements

Configuring Interface Characteristics

This chapter describes how to configure Simple Network Management Protocol (SNMP) to monitor the Cisco ASA.

Configuring Interface Characteristics

Configuring Embedded Event Manager

Defining IPsec Networks and Customers

Configuring Security Features on an External AAA Server

Transcription:

CHAPTER 30 This chapter describes how to configure the Simple Network Management Protocol (SNMP) on the Cisco ME 3400E Ethernet Access switch. Note For complete syntax and usage information for the commands used in this chapter, see the switch command reference for this release Cisco IOS Commands Master List, Release 12.2 at this URL: http://www.cisco.com/en/us/products/sw/iosswrel/ps1835/products_product_indices_list.html For commands for MIB bulk statistics data collection and process MIB configuration, see the Commands Master List, Release 12.4, at this URL: http://www.cisco.com/en/us/products/ps6350/products_product_indices_list.html This chapter consists of these sections:, page 30-1, page 30-6 Displaying SNMP Status, page 30-22 Understanding SNMP SNMP is an application-layer protocol that provides a message format for communication between managers and agents. The SNMP system consists of an SNMP manager, an SNMP agent, and a MIB. The SNMP manager can be part of a network management system (NMS) such as CiscoWorks. The agent and MIB reside on the switch. To configure SNMP on the switch, you define the relationship between the manager and the agent. The SNMP agent contains MIB variables whose values the SNMP manager can request or change. A manager can get a value from an agent or store a value into the agent. The agent gathers data from the MIB, the repository for information about device parameters and network data. The agent can also respond to a manager s requests to get or set data. An agent can send unsolicited traps to the manager. Traps are messages alerting the SNMP manager to a condition on the network. Traps can mean improper user authentication, restarts, link status (up or down), MAC address tracking, closing of a TCP connection, loss of connection to a neighbor, or other significant events. Although the switch does not support the Cisco Data Collection MIB, you can use the command-line interface to periodically transfer selected MIB data to specified NMS stations. Starting with this release, you can also configure a Cisco Process MIB CPU threshold table. OL-16485-01 Cisco ME 3400E Ethernet Access Switch Software Configuration Guide 30-1

Understanding SNMP Chapter 30 SNMP Versions, page 30-2 SNMP Manager Functions, page 30-3 SNMP Agent Functions, page 30-4 SNMP Community Strings, page 30-4 Using SNMP to Access MIB Variables, page 30-4 SNMP Notifications, page 30-5 SNMP ifindex MIB Object Values, page 30-5 MIB Data Collection and Transfer, page 30-6 SNMP Versions SNMPv1 The Simple Network Management Protocol, a Full Internet Standard, defined in RFC 1157. SNMPv2C replaces the Party-based Administrative and Security Framework of SNMPv2Classic with the community-string-based Administrative Framework of SNMPv2C while retaining the bulk retrieval and improved error handling of SNMPv2Classic. It has these features: defined in RFCs 1902 through 1907. SNMPv2C The community-string-based Administrative Framework for SNMPv2, an Experimental Internet Protocol defined in RFC 1901. SNMPv3 Version 3 of the SNMP is an interoperable standards-based protocol defined in RFCs 2273 to 2275. SNMPv3 provides secure access to devices by authenticating and encrypting packets over the network and includes these security features: Message integrity ensuring that a packet was not tampered with in transit Authentication determining that the message is from a valid source Encryption mixing the contents of a package to prevent it from being read by an unauthorized source. To select encryption, enter the priv expanded error codes that distinguish different kinds of error conditions; these conditions are reported through a single error code in SNMPv1. Error return codes in SNMPv2C report the error type. 30-2 Cisco ME 3400E Ethernet Access Switch Software Configuration Guide OL-16485-01

SNMPv3 provides for both security models and security levels. A security model is an authentication strategy set up for a user and the group within which the user resides. A security level is the permitted level of security within a security model. A combination of the security level and the security model determine which security mechanism is used when handling an SNMP packet. Available security models are SNMPv1, SNMPv2C, and SNMPv3. Table 30-1 identifies the characteristics of the different combinations of security models and levels. Table 30-1 SNMP Security Models and Levels Model Level Authentication Encryption Result SNMPv3 authpriv (requires the cryptographic software image) MD5 or SHA No Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. MD5 or SHA DES Provides authentication based on the HMAC-MD5 or HMAC-SHA algorithms. Provides DES 56-bit encryption in addition to authentication based on the CBC-DES (DES-56) standard. You must configure the SNMP agent to use the SNMP version supported by the management station. Because an agent can communicate with multiple managers, you can configure the software to support communications using SNMPv1, SNMPv2C, or SNMPv3. SNMP Manager Functions Table 30-2 Operation SNMP Operations Description 1 get-bulk-request 2 get-response set-request trap Retrieves large blocks of data, such as multiple rows in a table, that would otherwise require the transmission of many small blocks of data. Replies to a get-request, get-next-request, and set-request sent by an NMS. Stores a value in a specific variable. An unsolicited message sent by an SNMP agent to an SNMP manager when some event has occurred. 1. With this operation, an SNMP manager does not need to know the exact variable name. A sequential search is performed to find the needed variable from within a table. 2. The get-bulk command only works with SNMPv2 or later.

SNMP Agent Functions Get a MIB variable The SNMP agent begins this function in response to a request from the NMS. The agent retrieves the value of the requested MIB variable and responds to the NMS with that value. Set a MIB variable The SNMP agent begins this function in response to a message from the NMS. The SNMP agent changes the value of the MIB variable to the value requested by the NMS. The SNMP agent also sends unsolicited trap messages to notify an NMS that a significant event has occurred on the agent. Examples of trap conditions include, but are not limited to, when a port or module goes up or down, when spanning-tree topology changes occur, and when authentication failures occur. SNMP Community Strings Using SNMP to Access MIB Variables get-request get-next-request set-request Figure 30-1 NMS SNMP Network Get-request, Get-next-request, Get-bulk, Set-request Network device SNMP Manager Get-response, traps MIB SNMP Agent 43581 Appendix A, Supported MIBs. 30-4

SNMP Notifications snmp-server host traps SNMP ifindex MIB Object Values ifindex Values Interface Type ifindex Range 1 4999 EtherChannel 5000 5012 Loopback 5013 5077 Tunnel 5078 5142 Physical (such as Gigabit Ethernet or SFP 2 -module interfaces) 10000 14500 Null 14501 SVI = switch virtual interface 2. SFP = small form-factor pluggable Note 30-5

Chapter 30 MIB Data Collection and Transfer bulk-statistics 30-6 Cisco ME 3400E Ethernet Access Switch Software Configuration Guide OL-16485-01

Chapter 30 Default SNMP Configuration Table 30-4 Feature Default SNMP Configuration Default Setting version noauth tty snmp-server SNMP Configuration Guidelines host engine ID associated with that user. Modifying the group's notify view affects all users associated with that group. See the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 snmp-server engineid remote priv auth snmp-server user OL-16485-01 Cisco ME 3400E Ethernet Access Switch Software Configuration Guide 30-7

Disabling the SNMP Agent Beginning in privileged EXEC mode, follow these steps to disable the SNMP agent: Step 1 Step 2 Step 3 Step 4 Step 5 Command configure terminal no snmp-server end show running-config Purpose The global configuration command disables all running versions (Version 1, Version 2C, and Version 3) on the device. No specific Cisco IOS command exists to enable SNMP. The first global configuration command that you enter enables all versions of SNMP. You use the SNMP community string to define the relationship between the SNMP manager and the agent. The community string acts like a password to permit access to the agent on the switch. Optionally, you can specify one or more of these characteristics associated with the string: An access list of IP addresses of the SNMP managers that are permitted to use the community string to gain access to the agent A MIB view, which defines the subset of all MIB objects accessible to the given community Read and write or read-only permission for the MIB objects accessible to the community 30-8

view-name][ ][ ] [ Configure the community string. The @ symbol is used for delimiting the context information. Avoid using the @ symbol as part of the SNMP community string when configuring this command. Step 6 { } [ ] For, specify a string that acts like a password and permits access to the SNMP protocol. You can configure one or more community strings of any length. (Optional) For, specify the view record accessible to the community. (Optional) Specify either read-only ( ) if you want authorized management stations to retrieve MIB objects, or specify read-write ( ) if you want authorized management stations to retrieve and modify MIB objects. By default, the community string permits read-only access to all objects. (Optional) For, enter an IP standard access list numbered from 1 to 99 and 1300 to 1999. (Optional) If you specified an IP standard access list number in Step 2, then create the list, repeating the command as many times as necessary. For, enter the access list number specified in Step 2. The keyword denies access if the conditions are matched. The keyword permits access if the conditions are matched. For, enter the IP address of the SNMP managers that are permitted to use the community string to gain access to the agent. (Optional) For, enter the wildcard bits in dotted decimal notation to be applied to the source. Place ones in the bit positions that you want to ignore. Recall that the access list is always terminated by an implicit deny statement for everything. Return to privileged EXEC mode. Verify your entries. 30-9

Chapter 30 Switch(config)# snmp-server community comaccess ro 4 Groups and Users Step 1 Step 2 Command Purpose engineid local 1234 remote Cisco ME 3400E Ethernet Access Switch Software Configuration Guide OL-16485-01

snmp-server group v1 v2c v3 auth noauth priv read write notify notifyview access access-list groupname, v1 v2c v3, auth noauth priv priv read write notify access

Command snmp-server user remote udp-port v1 access v2c access v3 encrypted access auth md5 sha Purpose remote v1 v2c v3 v3 encrypted v3 auth sha md5 access Step 7 end show running-config copy running-config startup-config snmp-server host Table 30-5 Switch Notification Types Notification Type Keyword bgp Description bridge

Chapter 30 Switch Notification Types (continued) bulkstat collection transfer config copy-config cpu threshold entity envmon ethernet flash hsrp ipmulticast mac-notification msdp ospf pim port-security port-security rtr snmp snmp-server enable traps port-security snmp-server enable traps port-security trap-rate storm-control stpx syslog tty vlan-membership vlancreate vlandelete OL-16485-01 Cisco ME 3400E Ethernet Access Switch Software Configuration Guide

Command Purpose enable traps snmp-server enable traps? snmp-server port-security snmp-server trap-source snmp-server enable traps port-security snmp-server enable traps port-security trap-rate Step 8 snmp-server queue-length Step 9 Step 10 Step 11 Step 12

Chapter 30 Setting the Agent Contact and Location Information Step 1 Step 2 Command Purpose snmp-server contact Dial System Operator at beeper 21555. snmp-server location Building 3/Room 222 Limiting TFTP Servers Used Through SNMP Cisco ME 3400E Ethernet Access Switch Software Configuration Guide OL-16485-01

access-list-number source source-wildcard access-list-number source source-wildcard MIB Data Collection and Transfer Mechanism Periodic snmp-server mib bulkstat object-list list-name add object-name oid object-name, oid, schema-name

snmp mib bulkstat object-list ifmib Switch(config-bulk-objects)# add 1.3.6.1.2.1.2.1.2.2.2.1.11 add ifname exit snmp mib bulkstat schema testschema object-list ifmib instance wild oil 1 poll-interval 1 exit buffer-size format bulkbinary bulkascii schemaascii schema schemaascii

URL number minutes enable no enable enable Switch(config-bulk-tr)# format schemaascii buffer-size 2147483647 schema testschema1 schema testschema2 transfer-interval 1 url primary tftp://host/folder/bulkstat1 retain 20 retry 2 enable exit

Step 1 Step 2 Command Purpose Step 3 Step 4 Step 5 SNMP Examples snmp-server host 192.180.1.27 version 2c public snmp-server host 192.180.1.111 version 1 public snmp-server host 192.180.1.33 public

Chapter 30 snmp-server community comaccess ro 4 snmp-server enable traps snmp authentication snmp-server host cisco.com version 2c public snmp-server enable traps entity snmp-server host cisco.com restricted entity snmp-server enable traps snmp-server host myhost.cisco.com public mypassword snmp-server engineid remote 192.180.1.27 00000063000100a1c0b4011b snmp-server group authgroup v3 auth snmp-server user authuser authgroup remote 192.180.1.27 v3 auth md5 snmp-server user authuser authgroup v3 auth md5 mypassword snmp-server host 192.180.1.27 informs version 3 auth authuser config snmp-server enable traps snmp-server inform retries 0 snmp-server enable traps bulkstat snmp-server host 192.180.1.27 informs version 2 public bulkstat snmp-server enable traps cpu threshold snmp-server host 192.180.1.27 informs version 2 public cpu OL-16485-01 Cisco ME 3400E Ethernet Access Switch Software Configuration Guide

Displaying SNMP Status Chapter 30 Displaying SNMP Status Table 30-6 Commands for Displaying SNMP Information Cisco ME 3400E Ethernet Access Switch Software Configuration Guide OL-16485-01

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback