Before you begin. See the appropriate OmniSwitch documentation for more information about the CLI command syntax and SNMP.
Note: The NMS cannot discover an OmniSwitch that is configured with the factory default settings.
Note: You must use a direct console port connection to access an OmniSwitch for the first time. All other management methods such as SNMP, Telnet, FTP, and HTTP, are disabled until you enable them.
1. Open a console window using a direct console port connection to the OmniSwitch.
2. Create a Loopback0 interface and assign an IP address to the interface by entering
the following:
ip interface Loopback0 address xxx.xxx.xxx.xxx
where
xxx.xxx.xxx.xxx is the IP address of the interface
Note: Loopback0 is the name assigned to an IP interface to identify an address
that is used for network management purposes. The Loopback0 interface is not bound to any VLAN, therefore it always remains operationally active.
The Loopback0 interface name is case-sensitive. Ensure that you enter the name exactly as shown.
3. Enable SNMP sessions on the switch by entering the following:
aaa authentication snmp local
4. Enable FTP, Telnet, HTTP, or SSH sessions, if required, by entering the following:
aaa authentication ftp local
aaa authentication telnet local
aaa authentication http local
aaa authentication ssh local
5. Perform one of the following to configure the required version of SNMP on the switch and the NMS:
Note: The OmniSwitch default user, admin, does not have SNMP access.
Before the NMS can discover an OmniSwitch, you must create at least one user on the switch with SNMP access.
a. For SNMP v2c:
1. Configure an SNMP v2 user by entering the following:
user user_name password password no auth
user_name is a username that corresponds to an SNMP v2 user who the NMS can identify; Nokia recommends that you use the name sam, which is the NMS default name
password is a password associated with the username; the password is between 8 and 47 characters
Note:
If you need to use a different SNMPv2 default user name, create an SNMPv2 default user name on the NMS. See “To create a default SNMPv2 OmniSwitch user on a NMS system” in the NMS System Administrator Guide for information about creating an SNMPv2 default user name.
2. Configure SNMP v2 trap forwarding to the NMS by entering the following:
snmp station xxx.xxx.xxx.xxx v2 user_name
where
xxx.xxx.xxx.xxx is the IP address of the NMS main server user_name is the username that you created in 1
Note:
Trap forwarding configuration occurs automatically when the NMS discovers a switch and uses the default SNMP v2 user name sam or the user name configured, if any.
3. Configure an SNMP security level that allows the switch to accept all SNMP queries by entering the following:
snmp security no security
4. Configure an SNMP v2 community string by entering the following:
snmp community map community_string user user_name
where
community_string is the name of an SNMP v2 community string that the 5620 SAM can identify user_name is the SNMP v2 username created in 1
A. Example configuration Omni Switch
IP Loopback= 10.10.10.10
IP Management = 10.10.10.100
Hostname = TeguhRouter
IP NMS = 10.10.10.20
SNMP= public
User Password Local = teguh / teguh-keren
TeguhRouter# show configuration snapshot ip
! IP :
ip service all
ip interface "Management_IP" address 10.10.10.100 mask 255.255.255.240 vlan 22 ifindex 1
ip interface "Loopback0" address 10.10.10.10
ip managed-interface "Management_IP" application tacacs
ip managed-interface "Management_IP" application syslog
ip managed-interface "Management_IP" application radius
TeguhRouter#
TeguhRouter# show user teguh
User name = teguh,
Password expiration = None,
Password allow to be modified date = None,
Account lockout = None,
Password bad attempts = 0,
Read Only for domains = None,
Read/Write for domains = All ,
Snmp allowed = YES,
Snmp authentication = NONE,
Snmp encryption = NONE,
Console-Only = Disabled
TeguhRouter#
TeguhRouter# show configuration snapshot snmp
! SNMP :
snmp security no security
snmp authentication trap enable
snmp community map "public" user "teguh" on
snmp station 10.10.10.20 "teguh" v2 enable
user teguh password teguh-keren no auth
TeguhRouter# show configuration snapshot aaa
! AAA :
aaa authentication console "local"
aaa authentication telnet "local"
aaa authentication ftp "local"
aaa authentication http "local"
aaa authentication snmp "local"
aaa authentication ssh "local"
! PARTM :
! AVLAN :
! 802.1x :
TeguhRouter# exit
B. Example snmpwalk
1. Check IP Server
[root@TeguhLab ~]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:0C:29:8B:BC:49
inet addr:10.10.10.20 Bcast:10.10.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe8b:bc49/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3629526 errors:0 dropped:0 overruns:0 frame:0
TX packets:18684 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:257358978 (245.4 MiB) TX bytes:4953130 (4.7 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:1606 errors:0 dropped:0 overruns:0 frame:0
TX packets:1606 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:110778 (108.1 KiB) TX bytes:110778 (108.1 KiB)
[root@TeguhLab ~]#
2. Running snmpwalk
example
snmpwalk -v2c -c public 10.10.10.10 sysDescr
snmpwalk -v2c -c public 10.10.10.10 1.3.6.1.2.1.1
result
[root@TeguhLab ~]# snmpwalk -v2c -c public 10.10.10.10 sysDescr
SNMPv2-MIB::sysDescr.0 = STRING: Alcatel-Lucent Enterprise OS6860-24 8.3.1.314.R01 GA, September 07, 2016.
[root@TeguhLab ~]#
[root@TeguhLab ~]# snmpwalk -v2c -c public 10.10.10.10 1.3.6.1.2.1.1
SNMPv2-MIB::sysDescr.0 = STRING: Alcatel-Lucent Enterprise OS6860-24 8.3.1.314.R01 GA, September 07, 2016.
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.6486.801.1.1.2.1.11.1.1
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (2644111034) 306 days, 0:45:10.34
SNMPv2-MIB::sysContact.0 = STRING: Alcatel-Lucent, http://enterprise.alcatel-lucent.com
SNMPv2-MIB::sysName.0 = STRING: OS6860
SNMPv2-MIB::sysLocation.0 = STRING: Unknown
SNMPv2-MIB::sysServices.0 = INTEGER: 78
SNMPv2-MIB::sysORID.1 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.2 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.3 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.4 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
SNMPv2-MIB::sysORID.5 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORDescr.1 = STRING: View-based Access Control Model for SNMP.
SNMPv2-MIB::sysORDescr.2 = STRING: The SNMP Management Architecture MIB.
SNMPv2-MIB::sysORDescr.3 = STRING: The MIB for Message Processing and Dispatching.
SNMPv2-MIB::sysORDescr.4 = STRING: The management information definitions for the SNMP User-based Security Model.
SNMPv2-MIB::sysORDescr.5 = STRING: View-based Access Control Model for SNMP.
SNMPv2-MIB::sysORUpTime.1 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.2 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.3 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.4 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORUpTime.5 = Timeticks: (0) 0:00:00.00
[root@TeguhLab ~]#
No comments:
Post a Comment