SNMP
configuration on Nexus
Step1. Login to nexus switch using admin
credentials.
Xshell:\> ssh 192.168.1.1
Connecting to 192.168.1.1:22...
Connection established.
To escape to local shell, press
'Ctrl+Alt+]'.
User Access Verification
Cisco Nexus Operating System (NX-OS)
Software TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2012, Cisco
Systems, Inc. All rights reserved. The copyrights to certain works contained
in this software areowned by other third parties and used and distributed
under
license. Certain components of this
software are licensed underthe GNU General Public License (GPL) version 2.0
or the GNULesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php
and
http://www.opensource.org/licenses/lgpl-2.1.php
Nexus-switch#
|
Step2. Create object group for the
interface used by SNMP server to poll the device. In this example we use the IP
address of management interface. We have given the name snmp-Interface to
management interface. It is basically a IP to name mapping.
Nexus-switch(config)# object-group ip
address snmp-Interface
Nexus-switch(config-ipaddr-ogroup)#
host 192.168.1.1
|
Step3. Configure access list to allow
snmp communication between server and device. Source will be SNMP server IP
address and destination is management interface address.
For simplicity, I have used the IP in
access list; you can specifically allow the snmp ports between server and device.
If you allow specific ports, please make sure that trap port (UDP 162) must
also be opened.
Access list for read only servers:
Nexus-switch(config)# ip access-list Readonly-snmp-traffic
Nexus-switch(config-acl)# permit ip 10.1.1.20/32
addrgroup snmp-Interface
|
Access list for write servers:
Nexus-switch(config)# ip access-list
Readwrite-snmp-traffic
Nexus-switch(config-acl)# permit ip
10.1.1.20/32 addrgroup snmp-Interface
|
Step4. Configure Read only community
Nexus-switch(config)#snmp-server
community CISCORO group network-operator
|
Step5. Configure Read write community
Nexus-switch(config)#snmp-server
community CISCORW group network-admin
|
Step7. Configure access list for snmp
communities.
Nexus-switch(config)#snmp-server
community CISCORO use-acl Readonly-snmp-traffic
Nexus-switch(config)#snmp-server
community CISCORW use-acl Readwrite-snmp-traffic
|
Step8. Configure the device location.
Nexus-switch(config)# # snmp-server
location Lab
|
Step9. Configure the device contact information.
Nexus-switch(config)# snmp-server
contact Network_Team
|
Step10. Configure the SNMP trap source
address. SNMP server will receive traps with source interface mgm0. SNMP server
will convert the traps to alert only if it has the correct MIB in its database.
Nexus-switch(config)# snmp-server
source-interface traps mgmt 0
|
Step12. It enables the EIGRP traps (Authentication
and SIA).
Nexus-switch(config)# snmp-server
enable traps eigrp
|
Step13. Enable
Linkdown traps.
Nexus-switch(config)# snmp-server
enable traps link linkdown
|
Step14.
It will send traps when HSRP state changes.
Nexus-switch(config)# snmp-server
enable traps hsrp state-change
|
Step15. It
enables traps for FAN status change.
Nexus-switch(config)# snmp-server
enable traps entity entity_fan_status_change
|
Step16. Enable
traps for module status change.
Nexus-switch(config)# snmp-server
enable traps entity entity_module_status_change
|
Step17. Enable
traps for unrecognised module
Nexus-switch(config)# snmp-server
enable traps entity entity_unrecognised_module
|
Step18. Device
will send the traps to server 10.1.1.20.
Nexus-switch(config)# snmp-server
host 10.1.1.20 traps CISCOTRAPS
|
This comment has been removed by a blog administrator.
ReplyDeleteHi!
ReplyDeleteHere is a description of the settings snmp version 1 or 2?
PS: great public! Sorry for my English. I'm from Russia