SOP New Site Standups
Simple Network Management Protocol (SNMP) is an internet protocol that network devices can use to communicate with one another and share information.
2 min read
Prep Standup
Define Subnet
The (Management Information Base) MIB Walk tool walks the SNMP tree for a target device and pulls the value of each OID in the supported MIBs. Use the MIB Walk tool to find out what MIBs and OIDs are supported on a particular device. MIB Walk uses the SolarWinds MIB database to determine the common, human-readable name for each OID and the MIB to which it belongs. SNMP communication must be enabled on the device. To walk the MIBs, you can use either the read-only or the read and write community string.
Create a scope in DHCP Server
An SNMP View must be associated with an SNMP Group. The SNMP Group does the work of defining the type of access: read-only or read/write. The SNMP Group also specifies what kind of security is enabled during the interaction with the device in question.
IP helper command
!Point Layer 3 Routing to DHCP Server
ip-helper
Define any PDS (Protective Distribution Systems)
OID is a code string that represents some value.
MIB is just a database of all available OID's for the device, describing which OID is linked to which value.
Prep RADIUS Server for new Client
Example: you have an interface eth0/0. This interface have some characteristics, like current MTU, Bandwidth, packet count, error count etc. Each characteristic can be presented by a numeric value:
MTU 1500
Bandwidth 10000
Packets 2442334
Errors 1332
Each of these values can be queried or read using a specific OID. For example MTU could be linked to OID 2.3.1.5.1.5.1.2.2.3.2.2.2.3.2.1.Write your text here...
Setting up SNMPv3
Setting up SNMP View
snmp-server view ADMINView internet included
snmp-server view ADMINView mib-2 included
snmp-server view ADMINView cisco included
snmp-server view ADMINView ciscoEvMonSupplyStatusEntry.3 included
snmp-server trap-source VlanData
snmp-server source -interface informs VlanData
snmp-server enable traps snmp authentication
snmp-server enable traps rf
snmp-server enable traps memory
snmp server enable traps config
snmp-server trap timestamp
snmp-server host LOGGING SERVER IP version 3 priv ADMIN
Adding SNMP-Server Host to ACL (Poller Account)
!ip access-list standard ADMIN_Poller
! permit <LOGGING SERVER IP>
ip access-list standard ADMIN_Poller
permit <192.168.1.100>
Setting up SNMP-Server Host
!snmp-server host <LOGGING SERVER IP> version 3 priv <SNMP_USER>
snmp-server host <192.168.1.100> version 3 priv <ADMIN>
Setting up SNMP User
!snmp-server user <USERNAME> <GROUPNAME> v3 auth sha <PASSWORD> priv aes 256 <ACL-Poller>
snmp-server user ADMIN ADMINGroup v3 auth sha P@$$w0rd priv aes 128 P@$$w0rd access ADMIN_Poller
Setting up SNMP Group
!snmp-server group <GROUP-NAME> v3 priv access <SNMP-VIEW> access type <ACL-Poller>
snmp-server group ADMINGroup v3 priv read ADMINview write ADMINview access ADMIN_Poller
Troubleshooting SNMP Issues
Verify Switch is Using ACL
switch# sh snmp user
Verify Access List
switch# sh access-list
Verify ACL changes
switch# sh access-list