Context Navigation

Changes between Version 6 and Version 7 of netmon2017snmp

Timestamp:: Nov 12, 2017, 5:32:20 PM (6 years ago)
Author:: admin
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

netmon2017snmp

-              v6
+              v7
 This might take a few moments if everyone in class is doing this at the same moment.
+Install the net-snmp tools:
+{{{
+$ sudo apt-get install snmp
+$ sudo apt-get install snmp-mibs-downloader
+}}}
+The second of the two commands downloads the standard IETF and IANA SNMP MIBs which are not included by default.
+Now, edit the file /etc/snmp/snmp.conf:
+{{{
+$ sudo vi /etc/snmp/snmp.conf
+}}}
+Note: Here we are using '''vi''' editor. You can use any text editor you are familiar with
+Change this line:
+{{{
+mibs :
+}}}
+so that it looks like:
+{{{
+# mibs :
+}}}
+(You are "commenting out" the empty mibs statement, which was telling the snmp* tools not to automatically load the mibs in the /usr/share/mibs/ directory)
+Now, in your home directory make a .snmp directory with file snmp.conf inside it, make it readable only be you, and add the credentials to it:
+{{{
+$ cd
+$ mkdir .snmp
+$ chmod 700 .snmp/
+$ editor .snmp/snmp.conf
+}}}
+Put the following contents in the file:
+{{{
+defVersion 3
+defSecurityLevel authNoPriv
+defSecurityName admin
+defAuthPassphrase <class passowrd>
+defAuthType SHA
+# Default community when using SNMP v2c
+defCommunity NetManage
+}}}
+Creating this configuration file means you won't have to enter your credentials everytime you use one of the SNMP utilities. Otherwise you would have to add all these values on the command line like this:
+{{{
+snmpstatus -v3 -l authNoPriv -a SHA -u admin -A NetManage pcX
+}}}
+=== Configure SNMP on Your Router/Switch (Already Done) ===
+connect to your router and go to configure mode.
+{{{
+Router> enable
+Router# configure terminal
+}}}
+Now we need to add an Access Control List rule for SNMP access, turn on SNMP, assign a read-only SNMP community string as well as a SNMPv3 group and user and tell the router to maintain SNMP information across reboots. To do this we do:
+{{{
+Router(config)# access-list 99 permit 192.248.6.0 255.255.255.0
+Router(config)# snmp-server community NetManage ro 99
+Router(config)# snmp-server group ReadGroup v3 auth access 99
+Router(config)# snmp-server user admin ReadGroup v3 auth sha <Class Password>
+Router(config)# snmp-server ifindex persist
+Now let's exit and save this new configuration to the routers permanent config.
+Router(config)# exit
+Router# write memory
+Router# exit
+}}}
+Now to see if your changes are working.
+=== Testing SNMP ===
+To check that your SNMP installation works, run the snmpstatus command on each of the following devices
+{{{
+$ snmpstatus <IP_ADDRESS>
+}}}
+Note that you just used SNMPv3. Not all devices that implement SNMP support v3. Try again, adding "-v2c" as a parameter. Notice that the command automatically uses the community string in the snmp.conf file instead of the v3 user credentials. Try "-v1".
+=== SNMP Walk and OIDs ===
+Now, you are going to use the snmpwalk command, part of the SNMP toolkit, to list the tables associated with the OIDs listed below, on each piece of equipment you tried above:
+OID
+{{{
+}}}
+You will try this with two forms of the snmpwalk command:
+{{{
+$ snmpwalk <IP_ADDRESS> <OID>
+}}}
+and
+{{{
+$ snmpwalk -On <IP_ADDRESS> <OID>
+}}}
+example :