SD-WAN

Hello teams,

I am considering to configure SNMP server that connected to 128T router on version 4.2.0.
SNMP server is located in same network within 128T router, and router has 1 client on LAN side.

Following of a document "Configuring SNMP", says basic configuration like;

-------------------------------------------------------------------------------
snmp-server
             enabled              true
             version                v2c
             port                     161

             access-control                      my-nms-agent
                          name                         my-nms-agent
                          community              public
                          source                        10.128.201.2
exit

notification-receiver              10.128.201.2          162       trap
             ip-address                    10.128.201.2
             port                                162
             type                                trap
        exit
exit
-------------------------------------------------------------------------------

Does "source" mean IP address of "host client of 128T router" or "SNMP server"?
Also what IP address needs to be assigned on "notification-receiver"?

Here is the excerpt from "/etc/snmp/snmpd.conf" from my SNMP server.
The writing in red is the part I added, other than that, setting is default after it is installed.

--------------------------------------------------------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------------------------------------------------------

As checking "# snmpwalk -v1 localhost -c local_community ucdavis", it shows much sub-tree information.

If my SNMP server's configuration is correct, I had some mistakes on 128T router setting.
Could you kindly help me to resolve this issue?


Best,

------------------------------
Saori Araki
Tokyo
+81366997000
------------------------------

Hello Teams,

I resolved this issue myself, so please kindly ignore my question.

Best,

------------------------------
Saori Araki
Tokyo
+81366997000
------------------------------

Original Message:
Sent: 01-17-2020 00:49
From: Saori Araki
Subject: How to configure SNMP on 4.2.x

Hello teams,

I am considering to configure SNMP server that connected to 128T router on version 4.2.0.
SNMP server is located in same network within 128T router, and router has 1 client on LAN side.

Following of a document "Configuring SNMP", says basic configuration like;

-------------------------------------------------------------------------------
snmp-server
             enabled              true
             version                v2c
             port                     161

             access-control                      my-nms-agent
                          name                         my-nms-agent
                          community              public
                          source                        10.128.201.2
exit

notification-receiver              10.128.201.2          162       trap
             ip-address                    10.128.201.2
             port                                162
             type                                trap
        exit
exit
-------------------------------------------------------------------------------

Does "source" mean IP address of "host client of 128T router" or "SNMP server"?
Also what IP address needs to be assigned on "notification-receiver"?

Here is the excerpt from "/etc/snmp/snmpd.conf" from my SNMP server.
The writing in red is the part I added, other than that, setting is default after it is installed.

--------------------------------------------------------------------------------------------------------------------------------------------------------------

#       sec.name  source          community

com2sec localgroup  localhost  local_community 

 

#       groupName      securityModel securityName

group   local_group     v1      localgroup

group   local_group     v2c     localgroup

group   local_group     usm     localgroup

# Make at least  snmpwalk -v 1 localhost -c public system fast again.

#       name           incl/excl     subtree         mask(optional)

view    all     included        .1      80 

#       group          context sec.model sec.level prefix read   write  notif

access  local_group     ""      any     noauth  exact   all     none    none

--------------------------------------------------------------------------------------------------------------------------------------------------------------

As checking "# snmpwalk -v1 localhost -c local_community ucdavis", it shows much sub-tree information.

If my SNMP server's configuration is correct, I had some mistakes on 128T router setting.
Could you kindly help me to resolve this issue?


Best,

------------------------------
Saori Araki
Tokyo
+81366997000
------------------------------

Nice work resolving it!

The "access-control" block's source lets you restrict access to the SNMP agent on the 128T to a specific address. The "notification-receiver" address is where you want SNMP traps generated by the 128T to be sent.

A common deployment scenario is for the NMS to send SNMP GETs to the 128T router on a forwarding interface. In this case, the configuration is different. Those SNMP GETs will arrive at a configured network-interface>address, and there will need to be a corresponding host-service to forward those packets down to the SNMP agent running on the host machine's operating system. As those SNMP packets are forwarded from 128T to the host operating system, they will use a type of interface known as "KNI" -- kernel network interface. The KNI will perform source NAT on the packets, causing the source to always be 169.254.127.126 (irrespective of the real source address). Thus, you'll need to put access-policy on the host-service, rather than within the snmp-server.

------------------------------
pt.
------------------------------

Original Message:
Sent: 01-17-2020 03:11
From: Saori Araki
Subject: How to configure SNMP on 4.2.x

Hello Teams,

I resolved this issue myself, so please kindly ignore my question.

Best,

------------------------------
Saori Araki
Tokyo
+81366997000

Original Message:
Sent: 01-17-2020 00:49
From: Saori Araki
Subject: How to configure SNMP on 4.2.x

Hello teams,

I am considering to configure SNMP server that connected to 128T router on version 4.2.0.
SNMP server is located in same network within 128T router, and router has 1 client on LAN side.

Following of a document "Configuring SNMP", says basic configuration like;

-------------------------------------------------------------------------------
snmp-server
             enabled              true
             version                v2c
             port                     161

             access-control                      my-nms-agent
                          name                         my-nms-agent
                          community              public
                          source                        10.128.201.2
exit

notification-receiver              10.128.201.2          162       trap
             ip-address                    10.128.201.2
             port                                162
             type                                trap
        exit
exit
-------------------------------------------------------------------------------

Does "source" mean IP address of "host client of 128T router" or "SNMP server"?
Also what IP address needs to be assigned on "notification-receiver"?

Here is the excerpt from "/etc/snmp/snmpd.conf" from my SNMP server.
The writing in red is the part I added, other than that, setting is default after it is installed.

--------------------------------------------------------------------------------------------------------------------------------------------------------------

#       sec.name  source          community

com2sec localgroup  localhost  local_community 

 

#       groupName      securityModel securityName

group   local_group     v1      localgroup

group   local_group     v2c     localgroup

group   local_group     usm     localgroup

# Make at least  snmpwalk -v 1 localhost -c public system fast again.

#       name           incl/excl     subtree         mask(optional)

view    all     included        .1      80 

#       group          context sec.model sec.level prefix read   write  notif

access  local_group     ""      any     noauth  exact   all     none    none

--------------------------------------------------------------------------------------------------------------------------------------------------------------

As checking "# snmpwalk -v1 localhost -c local_community ucdavis", it shows much sub-tree information.

If my SNMP server's configuration is correct, I had some mistakes on 128T router setting.
Could you kindly help me to resolve this issue?


Best,

------------------------------
Saori Araki
Tokyo
+81366997000
------------------------------