The following code is an example configuration for a cisco device using SNMP v1 or v2 showing how to configure and access list, an SNMP view, SNMP read-only access and read-write access. If you would prefer to use SNMP V3 see our guide here.
If you are looking for a good SNMP management platform to provide fault and performance management you can download NMIS from here. NMIS is an open source network management system, which supports Cisco devices including Nexus, ASR, CRS, Catalyst and good old IOS.
The first command in the code below creates an access list that includes any device from 192.168.1.X and names the list 42.
The configuration then creates a view of the SNMP tree named NMIS8RO that allows the whole tree (iso is the root) to be visible (this could be changed so only the ifTable was accessible, for example), the community string NMISreadView is then attached to the view NMIS8RO and added as read-only to the access list 42.
The next line does almost the same thing, granting full access (no view specified) as read-only to our 42 access list.
If read-write access is required you can use the next line, it enables SNMP writes using NMISwrite as the community string that has full access to the snmp tree (no view given) when connecting from access list 42.
Next location and contact details are configured.
! Access list to limit servers which can do SNMP access-list 42 permit 192.168.1.0 0.0.0.255 ! ! SNMP View to ensure entire SNMP Tree is available (optional) snmp-server view NMIS8RO iso included ! ! Read only Community String with view and Access List snmp-server community NMISreadView view NMIS8RO RO 42 ! ! Read only Community String and Access List snmp-server community NMISread RO 42 ! ! Read write community with access list (needed for IPSLA) snmp-server community NMISwrite RW 42 ! ! Set the location (optional) snmp-server location Brisbane, Queensland, Australia ! ! Set the contact (optional) snmp-server contact NMIS Dudes, +617 3555 5558
That should be all that is required to get basic SNMP access to your router configured. If you haven't already, add your cisco device to NMIS, instructions to do that are here. Note: if you have setup your device and everything should be working but it doesn't, try using SNMP v1 (see the previous instructions for how to do that in NMIS)
To test the new configuration use snmpwalk on your linux server running NMIS or your NMIS VM:
snmpwalk -v 2c -c NMISread <cisco_device_name_or_ip> 220.127.116.11.2.1.1
This command should output something like this:
NMPv2-MIB::sysDescr.0 = STRING: Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 12.4(25f), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2011 by Cisco Systems, Inc. Compiled Tue 16-Aug-11 06:21 by prod_rel_team SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.620 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (96372878) 11 days, 3:42:08.78 SNMPv2-MIB::sysContact.0 = STRING: SNMPv2-MIB::sysName.0 = STRING: cisco_device_name_or_ip SNMPv2-MIB::sysLocation.0 = STRING: SNMPv2-MIB::sysServices.0 = INTEGER: 78 SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
For more information, commands and sample configurations see the cisco configuration guide: http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf014.html