Konfigurasi service SNMP pada ruijie

Konfigurasi service SNMP pada ruijie

13.49

 


I. Requirements

1. Only SNMP network manager (IP:192.168.1.2/24) can access switch SNMP service with community string "ruijie"

2. SNMP agent on switch sends SNMP trap to SNMP manager actively

3. SNMP manager can get basic information of switch ---location, contact method and chassis id


II. Network Topology


III. Configuration Tips


1. Set Read-Only community string and Read-Write community string on switch independently

2. Define ACL to allow authorized SNMP manager to access SNMP agent of switch only

3. Enable SNMP trap

4. Configure SNMP manager



IV. Configuration Steps


1.      Define an access-list named "abc" and an entry to permit IP address of SNMP manager

Ruijie(config)#ip access-list standard abc

Ruijie(config-std-nacl)#permit host 192.168.1.2

Ruijie(config-std-nacl)#exit


2.      Set read-write community string to "ruijie" and read-only community string to "public" , then associate both community strings with ACL to allow only the SNMP manager to access SNMP agent  of switch only

Ruijie(config)#snmp-server community ruijie rw abc

Ruijie(config)#snmp-server community public ro abc   


3.      SNMP agent  on switch actively sends trap to SNMP network manager

Ruijie(config)#snmp-server host 192.168.1.2 traps ruijie         ------>by default , SNMP trap version is version 1

Ruijie(config)#snmp-server host 1.1.1.1 version 2c ruijie        ------>set SNMP trap version to version 2c


4.      Enable trap feature

Ruijie(config)#snmp-server enable traps


5.      Set SNMP optional parameters

Set location

Ruijie(config)#snmp-server location fuzhou


Set contact method

Ruijie(config)#snmp-server contact ruijie.com.cn


Set chassis-id

Ruijie(config)#snmp-server chassis-id 1234567890


6.      Assign a management IP address to SVI 1

Ruijie(config)#interface vlan 1

Ruijie(config-if-VLAN 1)#ip address 192.168.1.1 255.255.255.0


7.      Save configuration

Ruijie(config-if-VLAN 1)#end

Ruijie#write


V. Verification

1. This example shows how to verify SNMP agent status

Ruijie# show service

ssh-server : disabled

telnet-server : enabled

web-server : enabled

snmp-agent : enabled


Following example provides how to disable SNMP agent if snmp agent issue leads to heavy load of CPU :

Ruijie(config)#no enable service snmp-agent


2. This examples shows how to display SNMP host information

Ruijie# show snmp host

Notification host : 192.168.1.2

udp-port : 162

type : trap

user : ruijie

security model : v1


3. Other SNMP manager except for 192.168.1.2 cannot access SNMP agent at the same time.


ryo

Share this

Related Posts

Latest
Previous
Next Post »

Langganan: Posting Komentar (Atom)