Manual Chapter : SNMP

Applies To:

Show Versions Show Versions

ARX

  • 6.3.0
Manual Chapter
12 
Use the show snmp-server command to see all SNMP-configuration settings.
System Information contains configuration information:
Name can be reset with the snmp-server name command.
Contact can be set with snmp-server contact.
Location can be changed with snmp-server location. Name, Contact, and Location are the configurable parts of the MIB-2 system table.
Interface is the interface used for SNMP communication: this is either Management, VLAN, or None, as set by the cfg-mgmt-access permit command.
Traps shows the scope of SNMP traps that the ARX can send. The options are Private Traps enabled (the traps that are unique to the ARX, cataloged in the ARX SNMP Reference), All Traps enabled (ARX-only traps together with generic SNMP traps), or Disabled. You can set this with the snmp-server traps command.
Access Mode/Communities is a table of access permissions (read-only, or read-write) and the community string associated with each. The community string is encrypted. You can use snmp-server community to set it.
Trap Targets shows all of the SNMP hosts configured to receive traps. Use snmp-server host to change this list.
Trusted Hosts are allowed to perform gets and/or sets. The snmp-server trusthost command controls this setting.
bstnA> show snmp-server
bstnA> show snmp-server
External SNMP agents use a community string to access the local SNMP agent. Use the snmp-server community command to enter a valid community string for SNMP access.
Use the no form of snmp-server community to remove a community string from the list.
snmp-server community community-string {read-only | read-write}
no snmp-server community community-string {read-only | read-write}
community-string is up to 16 characters.
read-only | read-write is a required choice. This sets the permissions for agents that access the local SNMP agent.
bstnA(cfg)# snmp-server community public read-only
bstnA(cfg)# no snmp-server community experimental read-write
Use the snmp-server contact command to enter contact information (sysContact, MIB-2.1.1.4) for the ARX.
Use no snmp-server contact to clear the contact information.
contact-info (1-255 characters) is the SNMP contact information. Use quotation marks around the string if it contains any spaces.
The sysContact MIB object is part of the MIB-2.system tree, MIB-2.1.1.4. Use the hostname command to set the sysName object, and use the snmp-server location command to set the sysLocation.
bstnA(cfg)# snmp-server contact jpublic, jpublic@mycompany.com
bstnA(cfg)# no snmp-server contact
Use the snmp-server host command to configure a target for SNMP notifications (such as SNMP traps).
Use the no form of the command to remove an SNMP server from the list.
snmp-server host host-ip community-string [udp-port]
host-ip is the IP address of the SNMP host (for example, 192.168.70.65).
community-string (up to 16 characters) is sent in each SNMP packet.
udp-port (optional; 1-65535) is the UDP port where the remote host is listening for SNMP notifications. For most SNMP hosts, the default (162) is sufficient.
Use the snmp-server traps command to enable SNMP traps.
For communication with an SNMP server (host access or trap transmission), you must also permit access to the SNMP agent through the internal firewall. Use the management access snmp command to edit the rules for SNMP, then use the permit command to permit server access through the out-of-band management interface (labeled MGMT on the front panel), the in-band (VLAN) management interface(s), or both.
bstnA(cfg)# snmp-server host 10.1.1.68 public
bstnA(cfg)# snmp-server host 172.16.100.101 public
bstnA(cfg)# no snmp-server host 192.168.25.215
Use the snmp-server location command to enter location information (sysLocation, MIB-2.1.1.6) for the ARX.
Use the no form of the command to clear the sysLocation setting.
location-info (1-255 characters) is the SNMP-server location information. Use quotation marks around the string if it contains any spaces.
The sysLocation MIB object is part of the MIB-2.system tree, MIB-2.1.1.6. Use the hostname command to set the sysName object, and use the snmp-server contact command to set the sysContact.
bstnA(cfg)# snmp-server location 2nd floor lab, row 3, bay 4, shelf 5
bstnA(cfg)# no snmp-server location
Use the snmp-server name command to enter a new SNMP-advertised name for the ARX (sysName, MIB-2.1.1.5).
Use the no form of the command to erase the name.
snmp-server name machine-name
machine-name (1 to 255 characters) is the administrative name of the server.
The sysName MIB object is part of the MIB-2.system tree, MIB-2.1.1.5. Use the snmp-server location command to set the sysLocation object, and use the snmp-server contact command to set the sysContact.
bstnA(cfg)# snmp-server name acopia1
Use the snmp-server traps command to enable SNMP traps from the ARX.
Use the no snmp-server traps command to disable SNMP traps.
private (optional) enables only private traps, and disables the standard generic traps defined in RFC 1157. If you omit this option, the command enables all traps. Private traps are the enterprise traps defined specifically for the ARX. For a full list of F5s ARX-enterprise (private) traps, see the ARX SNMP Reference.
This command enables all SNMP traps, with an option to omit the generic traps and only use private (ARX) traps. The generic traps are defined in RFC 1157, the specification for SNMP, as one of the following:
Use the snmp-server host command to provide a destination for SNMP traps.
For communication with an SNMP server (host access or trap transmission), you must also permit access to the SNMP agent through the internal firewall. Use the management access snmp command to edit the rules for SNMP, then use the permit command to permit server access through the out-of-band management interface (labeled MGMT on the front panel), the in-band (VLAN) management interface(s), or both.
If you are sending traps out through a channel on the client/server VLANs, use no trap shutdown to enable SNMP traps on the channel.
bstnA(cfg)# snmp-server traps
bstnA(cfg)# no snmp-server traps
Use the snmp-server trusthost command to permit SNMP gets and sets from a remote host.
Use the no form of the command to remove an SNMP host from the list of trusted hosts.
host-ip is the IP address of the SNMP host (for example, 192.168.70.65).
All hosts are trusted (if they use the string(s) specified through snmp-server community) until you limit the number of trusted hosts with this command.
For communication with an SNMP server (host access or trap transmission), you must also permit access to the SNMP agent through the internal firewall. Use the management access snmp command to edit the rules for SNMP, then use the permit command to permit server access through the out-of-band management interface (labeled MGMT on the front panel), the in-band (VLAN) management interface(s), or both.
bstnA(cfg)# snmp-server trusthost 10.1.1.68
bstnA(cfg)# no snmp-server trusthost 172.16.100.101