Включение SNMP на Cisco IronPort

2016-08-21

Небольшая инструкция по включению SNMP на Cisco IronPort.

  1. Убедитесь что у вас включен SSH. Для этого в веб-панели управления зайдите в Network > IP Interfaces, выберите свой management интерфейс и проверьте стоит ли галочка возле SSH (как показано на рисунке ниже)111
  2. Подключитесь по SSH
  3. Настройте параметры SNMP с помощью визарда: 
    relay.somehost> snmpconfig

Current SNMP settings: SNMP Disabled.

Choose the operation you want to perform:

  • SETUP - Configure SNMP. []> SETUP

Do you want to enable SNMP? [Y]>

Please choose an IP interface for SNMP requests.

  1. dmz-172.27.18.0/24 (172.27.18.131/24: relay.somehost)
  2. dmz-172.27.28.0/24 (172.27.28.131/24: relay.somehost)
  3. Management (172.27.8.131/24: relay.somehost) [3]> 3

Which port shall the SNMP daemon listen on interface “Management”? [161]>

Please select SNMPv3 authentication type:

  1. MD5
  2. SHA [1]> 2

Please select SNMPv3 privacy protocol:

  1. DES
  2. AES [1]> 2

Enter the SNMPv3 authentication passphrase. []> Please enter the SNMPv3 authentication passphrase again to confirm. []> Enter the SNMPv3 privacy passphrase. []> Please enter the SNMPv3 privacy passphrase again to confirm. []> Warning: The same authentication and privacy passwords reduce the security of the system. Do you want to set other passwords? [Y]> n

Service SNMP V1/V2c requests? [N]> y

Enter the SNMP V1/V2c community string. [ironport]> <snmp_community>

Shall SNMP V2c requests be serviced from IPv4 addresses? [Y]>

From which IPv4 networks shall SNMP V1/V2c requests be allowed? Separate multiple networks with commas. [127.0.0.1/32]> 172.27.8.0/24

Enter the Trap target as a host name, IP address or list of IP addresses separated by commas (IP address preferred). Enter “None” to disable traps. [127.0.0.1]>

Enter the Trap Community string. [ironport]>

Enterprise Trap Status

  1. CPUUtilizationExceeded Disabled
  2. RAIDStatusChange Enabled
  3. connectivityFailure Disabled
  4. fanFailure Enabled
  5. highTemperature Enabled
  6. keyExpiration Enabled
  7. linkUpDown Enabled
  8. memoryUtilizationExceeded Disabled
  9. powerSupplyStatusChange Enabled
  10. resourceConservationMode Enabled
  11. updateFailure Enabled Do you want to change any of these settings? [N]>

Enter the System Location string. [Unknown: Not Yet Configured]> UA, Kiev

Enter the System Contact string. [snmp@localhost]>

Current SNMP settings: Listening on interface “Management” 172.27.8.131/24 port 161. SNMP v3: Enabled. SNMP v1/v2: Enabled, accepting requests from subnet 172.27.8.0/24 . SNMP v1/v2 Community String: <snmp_community> Trap target: 127.0.0.1 Location: UA, Kiev, D50 System Contact: snmp@localhost

Choose the operation you want to perform:

  • SETUP - Configure SNMP. []> commit

Do you want to save the current configuration for rollback? [Y]> y

Changes committed: Sun Aug 21 13:35:53 2016 EEST relay.somehost>

  1. После этих манипуляций вы можете снимать информацию в вашего IronPort’a при помощи SNMP
CiscoIT worldПолезностиСетиciscocisco ironportcisco ironport snmpcisco snmpironportsnmp

Утилиты для проверки производительности системы в *nix

Обновление SSL сертификата StartSSL на Cisco ASA