1 / 16

SNMP

SNMP . SNMP. Monitoring Read (udp 162) Write (udp 162) Traps (udp161). Brief description.

charles-good
Download Presentation

SNMP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SNMP

  2. SNMP • Monitoring • Read (udp 162) • Write (udp 162) • Traps (udp161)

  3. Brief description Simple Network Management Protocol (SNMP) is a widely used protocol for monitoring the health and welfare of network equipment (eg. routers), computer equipment and even devices like UPSs. Net-SNMP is a suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6.

  4. Net-SNMP Net-SNMP Tutorialshttp://www.net-snmp.org/tutorial/tutorial-5/ Download Net-SNMPhttp://www.net-snmp.org/download.html Net-SNMP Documentationhttp://www.net-snmp.org/docs/readmefiles.html

  5. Install If you want to install snmp server in debian you need to install snmpd package using the following command. This will complete the installation process. #apt-get install snmpd

  6. Backup default config Before doing any changes to your /etc/snmp/snmpd.conf file take a copy of original file using the following command. #cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig

  7. Config files Default Configuration files are located at /etc/snmp directory this contains the following files. /etc/snmp/snmpd.conf - configuration file for the Net-SNMP SNMP agent./etc/snmp/snmptrapd.conf - configuration file for the Net-SNMP trap daemon.

  8. Setup Set up the snmp server to allow read access from the other machines in your network for this you need to open the file /etc/snmp/snmpd.conf change the following Configuration and save the file.

  9. First step # sec.name           source  community   com2sec paranoid default public#com2sec readonly default public#com2sec readwrite default privateto#com2sec paranoid default public   com2sec local   localhost public   com2sec localnet 172.16.99.0/24 public#com2sec readwrite default private Syntax : com2sec <name> <hosts-that-can-poll> <community-name>

  10. Second step • togroup MyROSystem v1 localgroup MyROSystem v2c localgroup MyROSystemusm localgroup MyROGroup v1 localnetgroup MyROGroup v2c localnetgroup MyROGroupusmlocalnetgroup MyRWGroup v1 localgroup MyRWGroup v2c localgroup MyRWGroupusm local • Syntax : group <name> <type> <com2sec-name> ##### Second, map the security names into group names:# sec.model sec.namegroup MyROSystem v1 paranoidgroup MyROSystem v2c paranoidgroup MyROSystem usm paranoidgroup MyROGroup v1 readonlygroup MyROGroup v2c readonlygroup MyROGroup usm readonlygroup MyRWGroup v1 readwritegroup MyRWGroup v2c readwritegroup MyRWGroup usm readwrite

  11. Third step ##### Third, create a view for us to let the groups have rights to:# incl/excl subtree maskview all included .1 80view system included .iso.org.dod.internet.mgmt.mib-2.systemDon't change anything here leave this one as default setting

  12. Fourth step ##### Finally, grant the 2 groups access to the 1 view with different# write permissions:# context sec.model sec.level match read write notifaccess MyROSystem "" any noauth exact system none noneaccess MyROGroup "" any noauth exact all none noneaccess MyRWGroup "" any noauth exact all all none Syntax : access <group-name> <sec-level> any noauth exact <read-permission> <write-permission> <notification>Don't change anything here leave this one as default setting.

  13. Optional Optional Configuration# System contact informationsyslocation Unknown (configure /etc/snmp/snmpd.local.conf)syscontact Root <root@localhost> (configure /etc/snmp/snmpd.local.conf)

  14. Restart daemon #/etc/init.d/snmpd restart The daemon, not the server … ;)

  15. Install SNMP client tools #apt-get install snmp

  16. Test your config #snmpwalk -v 2c -c <community> <remotemachineipaddress> SNMPv2-MIB::sysDescr.0 = STRING: Linux sritest 2.4.27-2-386 #1 Wed Aug 17 09:33:35 UTC 2005 i686SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10SNMPv2-MIB::sysUpTime.0 = Timeticks: (168871) 0:28:08.71 … …

More Related