Looking for tips on enabling and configuring SNMP on Windows, Cisco, Linux, Unix and ESXi? You've come to the right place. In this post, we've gathered all of our tips for enabling and configuring SNMP together for a one-stop-shop.
Enabling and Configuring SNMP on Windows
The first step is adding the feature (Server 2008 and above) or ‘Add/Remove Windows Components’ (Server 2003 or below).
Once the feature/component is added, open your services.msc. 'Start > Run > services.msc' find the SNMP service and double-click it.
There are two important areas in the SNMP service configuration. The ‘Traps’ tab determines where SNMP traps from the Windows host will be sent and which community name those traps will use.
The ‘Security’ tab allows you to set up your read/write community names and grant access to the WhatsUp Gold server.
Once you apply your settings, restart the SNMP service for those settings to take effect. Then, you’re done.
Some interesting things I’ve stumbled upon…
- (Hotfix) The SNMP service does not respond to any SNMP requests after a Group Policy refresh in Windows Vista, in Windows Server 2008, in Windows 7 or in Windows Server 2008 R2
- (Hotfix) Incorrect source IP address is returned in the SNMP response in Windows 8, Windows Server 2012, Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008
Enabling and Configuring SNMP on Linux/Unix
On Linux/Unix, you will need configure snmpd.conf.
Below is a basic sample configuration — although you can get much more complex and do a lot more with it. Once you update your /etc/snmp/snmpd.conf properly, restart snmpd:
rocommunity wugninja ## sec.name source community ## ======== ====== ========= com2sec local localhost wugninja com2sec network_1 192.168.1.0/24 wugninja ## Access.group.name sec.model sec.name ## ================= ========= ======== group MyROGroup_1 v1 local group MyROGroup_1 v2c network_1 ## MIB.view.name incl/excl MIB.subtree mask ## ============== ========= =========== ==== view all-mibs included .1 80 ## MIB ## group.name context sec.model sec.level prefix read write notif ## ========== ======= ========= ========= ====== ==== ===== ===== access MyROGroup_1 "" v1 noauth exact all-mibs none none access MyROGroup_1 "" v2c noauth exact all-mibs none none dontLogTCPWrappersConnects yes
Enabling and Configuring SNMP on Cisco Devices
Configuration of SNMP on Cisco devices will vary slightly depending on the type — but in general, they are nearly identical. Here are some links to the Cisco documents:
Enable SNMP on VMware ESXi Bare-Metal Hypervisor
Depending on your version of ESXi, the setup steps will change. For my sanity, I am only going to list ESXi 5.0, 5.1+. Prior to 5.0 the steps were significantly different.
- ESXi 5.0: VMware documentation
- ESXi 5.1+: VMware documentation
The commands below will setup SNMP and allow SNMP through the firewall. If you prefer, you can setup the firewall rules using the vSphere Client GUI under Configuration > Security Profile. Replace ‘YOUR_STRING’ with your community string
esxcli system snmp set --communities YOUR_STRING esxcli system snmp set --enable true esxcli network firewall ruleset set --ruleset-id snmp --allowed-all true esxcli network firewall ruleset set --ruleset-id snmp --enabled true /etc/init.d/snmpd restart
These posts originally appeared on my WUG.ninja blog. I have many other items posted there that will help you do things with WhatsUp Gold you may not have known were possible.