SNMP - jibingl/CCNA-CCNP GitHub Wiki

SNMP Version Authentication Encryption
v1 community-string match No
v2c community-string match No
v3 HMAC-MD5 or HMAC-SHA AES, 3DES or DES

SNMP Framework and Components

                           NMS(SRV1)
                       .--------------.
                       |   SNMP App   |
                       +--------------+
                       | SNMP Manager |
                       `-----p162-----`
                               | 
           .-------------------+-------------------. 
           |            (SNMP Messages)            | 
    .----p161----.                           .----p161----.
    | SNMP Agent |                           | SNMP Agent |
    +------------+                           +------------+
    |    MIB     |                           |    MIB     |
    `------------`                           `------------`
   Managed Device [SW1]                     Managed Device (R1)

MIB: Management Information Base, contains the variables that are identified as Object ID (OID).

OID example .1.3.6.1.2.1.1.5:

    .1      .3      .6      .1      .2      .1      .1      .5
     |       |       |       |       |       |       |       |
    iso      |      dod   internet   |     mib-2     |     sysName
      identified-orgnazition        mgmt           system

SNMP Messages

Manager Polls Agent Responses
get-request a specific OID get-response to Manager polls
get-next-request subsequent info after init request get-response to Manager polls
get-bulk-request entire tables from MIB get-response to Manager polls
set-request configuration get-response to Manager polls
trap send data without requests
inform-request ack required from Manager

Configuration

v3

                                                                                     //          MIB_Object
                                                                                     //             |
R1(config)# snmp-server view <VIEW_NAME> iso included                                //     .---> View
                                                                                     // R/W |
R1(config)# snmp-server group <GROUP> v3 priv read <VIEW_NAME> write <VIEW_NAME>     //     `---- Group <--.
                                                                                     //                    | auth/priv
R1(config)# snmp-server user <USER> <GROUP> v3 auth sha <PASS> priv aes 128 <PASS>   //           User ----`

R1(config)# snmp-server host <NMS_IP> informs version 3 priv <USER>                  //(Optional) Configure traps/informs

v2c

R1(config)# snmp-server contact [email protected]                    //Optional info
R1(config)# snmp-server location Winnipeg                             //Optional info
R1(config)# snmp-server community <STRING1> ro                        //No 'set' message. Default <string1> is 'public'
R1(config)# snmp-server community <STRING2> rw                        //read and write. Default <string2> is 'private'
R1(config)# snmp-server host <NMS_IP> version 2c <STRING1>            //Specify NMS to only read (ro)
R1(config)# snmp-server enable traps snmap linkdown linkup            //Send unsolicited messages (traps) if links are up or down
R1(config)# snmp-server enable traps config                           //Send unsolicited messages (traps) if configuration changed
⚠️ **GitHub.com Fallback** ⚠️