
Switch monitoring via SNMP
21. Nov 2009, 01:22
As promised, I uploaded my Nagios-plugins. You'll find them by entering the Software sector.
Now, I've updated the IOS of all Switches to the newest version, the memory leak is history and I'll give you some short informations about configuring Catalysts to listen to SNMP.
Tutorial in configuring Catalysts to listen to SNMP queries
I'm not trying to introduce the SNMP (Simple Network Management Protocol), maybe it's a topic for a further article, I'll just a briefly describe how to configure the SNMP agent in a Cisco Catalyst.
First of all it's necessary to go to privileged EXEC mode, so you have to login and type enable
. Now you're root and are able to change the router configuration.
Next you have to add an access-list
, to make sure the Nagios server is able to contact this Catalyst. Lets assume our server comes with ip 1.2.3.4
, we can define the following access-list
:
60
identifies this list, and using this list 1.2.3.4
is allowed to do anything on any ports/protocols. You can restrict this rights, but this shouldn't be of interest now.
By default, SNMP access isn't enabled, so we need to design the policy to enable SNMP:
COMMUNITYSTRING
acts like a simple password, the management server has to use it to ask for informations. RO
(read only) determines the access mode. It's also possible to assign RW
(read/write), so the management station is allowed to change different issues, but typically SNMP management station should only read values. 60
is the number of our previous defined access-list
, only questions from hosts that passes this access-list
are answered.
You should know, that there are different versions of SNMP, actually v1-v3. SNMPv1's implementation will communicate the COMMUNITYSTRING
in plain text through your network, so it's something insecure!
Thats it! Now it's time for testing. Log in to 1.2.3.4
and try something like:
This will show you some temperature informations from SWITCHIP
via SNMPv2. Which SNMP versions your routers can speak will be found at Ciscos website.
There's a lot more you can do with SNMP, just play around a little bit!
Kategorien: Betriebssystem Hardware Netzwerk Software