Switching

Hi all

i know its just snmp configuration but for some reason it is not working for me ,so maybe you can help me 

i have a bit complicated setup : i setup librenms on EC2 on aws cloud ,and i`m trying to add my datacenter switch throgh its management ip address but my managment network is completly isloated from AWS traffic so i had to nat the traffic and i`m allowing all traffic on my firewall and i`m allowing all udp traffic on the EC2 

The ping from librenms is working and im able to add the switch by using only ping 

but when i try to add the switch using snmp ,i can`t and i get the error message ` Could not connect to sw1, please check the snmp details and snmp reachability`and ` SNMP v2c: No reply with community private`

here is the configuration of snmp v2 on sw1

view all {
oid .1;
}
community private {
view all;
authorization read-write;
}
trap-group spacenet {
targets {
10.x.x.243;
}
}

Can you please help me on by pointing out if there is something i need to check or add on the switch configuration ?does anyone knows how to check snmp reachability on the switch (other than wireshark }?

Hi ,

Could you please attach the complete SNMP configuration ,

and give the below information :

> are you able to ping the switch from the snmp server 

> when you run the SNMP test on the monitoring tool what is the status 

> are the community string used correct 

Regards ,

Sharanya 

Hi ,

Thank you for helping me out 

let me first answer your questions 

-are you able to ping the switch from the snmp server ? yeah the ping works fine and i`m able to add the device to the snmp server  using just ping

-when you run the SNMP test on the monitoring tool what is the status ? when i try to add the device through snmp(adding device is the only snmp test i did) ,i got the errors `Could not connect to space-sw, please check the snmp details and snmp reachability`

-are the community string used correct ? yes 

for the configuration i`m testing with two switches (same model EX3300) but one with V2C snmp configuration and one with v3

here is the snmp v2c config:

{master:0}[edit snmp]
msaidani@space-sw1# show
view all {
oid .1;
}
community private {
view all;
authorization read-write;
}
trap-options {
source-address 10.10.11.5;
}
trap-group spacenet {
version v2;
targets {
10.200.53.243;
}
}

and here is the snmp v3 config:

v3 {
usm {
local-engine {
user cacti {
authentication-sha {
authentication-key "$9$dGsYoJGDHkP4oZjiHmPhSyreW7Nb4oGSr24ZG q.IEhcevLX-ws4XxDiH.5T/Ctp0IrevMLxcSeWx7Vbz3n/uOEcyleWFnvW8LN-jHkqQFtuOBRh9CKM8X bwqmP5T3CA01Ec9CWLNdsYJGDj"; ## SECRET -DATA
}
privacy-aes128 {
privacy-key "$9$eVKvX7s24oGDVbP5Qz6/lKvL-Vs24oZUSrK8xNbwgoJZ k.5T3pO1zFhSrlLXGDjHP5z36pO1zFvWLxws4aZUqmF3901RHq0BEhrlgoaJGi5QF3/CmPSrKMXxDiHk TzCA0Ehrqmfz3/tp8XxdVYaJDjk"; ## SECRET-DATA
}
}
}
}
vacm {
security-to-group {
security-model usm {
security-name cacti {
group readonlygroup;
}
}
}
access {
group readonlygroup {
default-context-prefix {
security-model usm {
security-level privacy {
read-view readonly;
}
}
}
}
}
}
target-address librenms {
address 10.200.53.243;
port 161;
target-parameters test;
}
}

please note that between snmp server and those switches,there is a firewall ,i allowed everything from the snmp server to switches (or let`s say from snmp server to the nat address i`m using to nat the traffic between the snmp server and the switches )

i`m also attaching a screenshot of web interface of adding the device on the snmp server (the ip address on the screeshot is the nat address i used it to nat/redirect the traffic )

please let me know if you need further information

issue resolved ,it was an issue with the snmp server ,it was trying to use the ip it discovered via DNS request

thanks your help