1. FIREWALL

If you use external firewall make sure the following ports are open: 22 (SSH, TCP), 161(SNMP, TCP/up), 53 (DNS, UDP), 80 and 443 (HTTP HTTPS, TCP), ICMP (ping)


2. INSTALLATION.

- To install SNMP daemon, utilities and libs run this command

~# apt-get install snmpd snmp  smistrip



Tip: If you are using sudo then do “sudo su - root” or “su root” to become the root user


3. CONFIGURATION

  • Move snmd.conf to snmpd.conf_bak:(in order to backup defaults)

    ~]# cd /etc/snmp/
     ~]# mv snmpd.conf snmpd.conf_bak

  • Add the following configuration to a new snmpd.conf file (replace “My Location” and “My Name” with your data):

    ~]# echo 'syslocation "My Location"' >> snmpd.conf
    ~]# echo 'syscontact "My Name"' >> snmpd.conf
    ~]# echo '' >> snmpd.conf
    ~]# echo 'rocommunity public' >> snmpd.conf                                                   
    ~]# echo '' >> snmpd.conf
    ~]# echo 'disk /' >> snmpd.conf

  •  Open /etc/default/snmpd 

    ~]# nano /etc/default/snmpd

  •  Find “SNMPDOPTS=” parameter. On different systems, the configuration strings can be different, but generally, it should look like

    SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
    or 
    SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'

  •  Change the configuration strings to 

    SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf'

4. STARTING THE SERVICE


To run the snmpd service in the current session, enter the following at a shell prompt as root:

~]# service snmpd start


5. TESTING, TROUBLESHOOTING


  • To make sure SNMP listens on a valid port and to all IPs execute this command

    ~]# netstat –nepl
  • If SNMP listener works only on 127.0.0.1 IP addresses, try to restart snmpd daemon (~]# service snmpd restart).
  • If the previous step does not help, check “SNMPDOPTS=” string at /etc/default/snmpd and make sure it looks like this

    SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf'


  • Make sure SNMP is appropriately installed. For example, the following snmpwalk command shows the system tree with a default agent configuration.

    ~]# snmpwalk -v 2c -c public localhost .1.3.6.1.2.1.1


The output should look like this

SNMPv2-MIB::sysDescr.0 = STRING: Linux snmptest.com 3.8.0-29-generic #42~precise1-Ubuntu SMP Wed Aug 14 16:19:23 UTC 2013 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (52495) 0:08:44.95
SNMPv2-MIB::sysContact.0 = STRING: "My Name"
SNMPv2-MIB::sysName.0 = STRING: snmptest.com
SNMPv2-MIB::sysLocation.0 = STRING: "My Location"
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMP-FRAMEWORK-MIB::snmpFrameworkMIBCompliance
SNMPv2-MIB::sysORID.2 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.3 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance


  • Select a counter by completing the Add SNMP Counters dialog, as described in the previous section, and click Test. You should receive a "The SNMP counter is tested successfully" message.

  • If instead, you receive a "Can't connect to the host" message, make sure that port 161 is open for UDP and TCP traffic on the Linux server. To open these ports, execute the following commands:

    iptables -I INPUT -p udp --dport 161 -j ACCEPT
    iptables -I INPUT -p tcp --dport 161 -j ACCEPT
    iptables -I FORWARD -p udp --dport 161 -j ACCEPT
    iptables -I FORWARD -p tcp --dport 161 -j ACCEPT
     iptables-save
  • No labels