snmp - samuel-richardson/Sam-Tech-Journal GitHub Wiki

snmp

Enabling snmp on firewall

  • Sign in to the firewall's web app and enable the SNMP service.
  • The community string is important: it is the value that must be supplied when querying the device.
  • Restart the service.

Querying snmp

  • SNMP must be installed as a service on a host before that host can be queried.
  • On the management machine, run: snmpwalk -Os -c 'community string' -v2c 'host name' system

Installing SNMP on AD and management tools on mgmt

  • Using Server Manager, install the SNMP Tools remote service on mgmt.
  • Install SNMP as a service on AD.
  • To allow remote computer management, first use Enter-PSSession.
  • To allow Computer Management to connect, run Set-NetFirewallRule -DisplayGroup "Remote Event Log Management" -Enabled True
  • Using Computer Management, change the properties of the SNMP service to accept the community string and restrict queries.

tcpdump

  • tcpdump can be used to monitor network traffic.
  • For example: sudo tcpdump -i ens192 port 161 -c10 -AAA shows the first 10 packets on port 161 (the SNMP port) on the ens192 interface.

Additional Research

  • How to use tcpdump effectively? It works similarly to Wireshark in its ability to show network traffic for troubleshooting.
  • Automate SNMP service installation? This could be done through Ansible or a remote management service that runs a script to install the service.
  • Other management tools such as Zabbix offer additional functionality on top of SNMP and are useful tools.