No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - Network Management and Monitoring

AR100, AR120, AR150, AR160, AR200, AR1200, AR2200, AR3200, and AR3600 V200R009

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Basic SNMPv1 Functions

Configuring Basic SNMPv1 Functions

Context

For the configuration of basic SNMP functions, 1, 5, 6, 7 and 8 are mandatory steps. After the configuration is complete, basic SNMP communication can be established between the NMS and managed device.

Procedure

  1. Run system-view

    The system view is displayed.

  2. (Optional) Run snmp-agent server-source { -a [ ipv6 ] source-ip-address | -i [ ipv6 ] interface-type interface-number }

    The source IP address used by the SNMP server to send packets is specified.

    By default, the SNMP server uses source IP address 0.0.0.0 to send packets.

    If the default value 0.0.0.0 is not changed, the device selects a source IP address according to routing entries to send packets. When an ACL is configured to filter incoming and outgoing packets on a device, the ACL rules are configured based on interface IP addresses, and packet filtering is affected by interface status. You can select a stable interface as the source interface, for example, the loopback interface. Setting the source or destination address in an ACL rule as a stable interface's address can simplify the configurations of ACL rules and security policies. In addition, packet filtering will not be affected by interface IP addresses and interface status, and device security is improved.

  3. (Optional) Run snmp-agent

    The SNMP agent is enabled.

    By default, the SNMP agent is disabled. Executing the snmp-agent command can enable the SNMP Agent no matter whether a parameter is specified in the command.

  4. (Optional) Run snmp-agent source loopback

    A Loopback interface is configured as the source interface that sends packets.

    By default, the source interface for sending packets is a physical outbound interface.

    After the NMS sends a get operation request to the device, the device replies with a response packet. The response packet carries source interface information. The device uses the IP address of this interface as the source address of packets. When an ACL is configured on the NMS to filter the packets sent from the device, the ACL rules vary according to source interface IP addresses, and communication may be affected by interface status. After a Loopback interface is configured as the source interface for response packets, the impact of source address difference and interface status can be avoided by specifying the source address in an ACL rule as this Loopback interface address. This configuration allows the device to filter outgoing packets and protect security. In addition, the configurations of ACL rules and security policies are simplified.

  5. Run snmp-agent sys-info version v1

    The SNMP version is set to SNMPv1.

    By default, the device supports SNMPv3. After you set the SNMP version to SNMPv1, the device supports both SNMPv1 and SNMPv3, and can be managed by NMSs running SNMPv1 and SNMPv3.

  6. Run snmp-agent community { read | write } community-name

    The read/write community name is set.

    By default, no read/write community name is configured.

    By default, the complexity check for community names is enabled. The complexity requirements are as follows:
    • The community name contains at least six characters.

    • The community name must be a combination of at least two of the following: uppercase letters, lowercase letters, digits, and special characters (excluding spaces). If the string is enclosed in double quotation marks (" "), the string can contain spaces.

    If the check fails, the community name cannot be configured.

    To change the access right of the NMS, see Restricting Management Rights of the NMS. Ensure that the community name of the NMS is the same as that set on the agent. If the NMS and the agent use different community names, the NMS cannot access the agent.

    The configured community names are stored in cipher text in the configuration file. To save the community name in the configuration file as plain text, run the snmp-agent community simple { read | write } community-name [ mib-view view-name | acl acl-number ]* command.

  7. Run snmp-agent target-host trap-paramsname paramsname v1 securityname securityname [ binding-private-value ] [ private-netmanager ]

    Parameters for sending trap messages are set.

    By default, the parameters for sending trap messages are not set.

  8. Run snmp-agent target-host trap-hostname hostname address { ipv4-addr [ udp-port udp-portid ] [ public-net | vpn-instance vpn-instance-name ] | ipv6 ipv6-addr [ udp-port udp-portid ] } trap-paramsname paramsname [ notify-filter-profile profile-name ]

    The target host for receiving trap messages and error codes is specified.

    By default, the target host for receiving trap messages and error codes is not specified.

    NOTE:

    Before configuring a device to send traps, confirm that the information center has been enabled. If the information center is not enabled, run the info-center enable command to enable it.

    Note the following when running the command:
    • The default destination UDP port number is 162. To ensure secure communication between the NMS and managed devices, run the udp-port command to change the UDP port number to a non-well-known port number.

    • If traps sent from the managed device to the NMS need to be transmitted over a public network, the public-net parameter needs to be configured. If traps sent from the managed device to the NMS need to be transmitted over a private network, the vpn-instance vpn-instance-name parameter needs to be configured to specify a VPN that will take over the transmission task.

  9. (Optional) Run snmp-agent sys-info { contact contact | location location }

    The equipment administrators contact information or location is configured.

    By default, the vendor's contact information is "R&D Shenzhen, Huawei Technologies Co.,Ltd." The default location is "Shenzhen China."

    This step is required for the NMS administrator to view contact information and locations of the equipment administrator when the NMS manages many devices. This helps the NMS administrator to contact the equipment administrators for fault location and rectification.

    To configure both the equipment administrators contact information and location, run the snmp-agent sys-info command twice.

Translation
Download
Updated: 2019-05-17

Document ID: EDOC1000174072

Views: 121832

Downloads: 372

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next