From: sabrina pittarel (sabri_esame@yahoo.com)
Date: Mon Aug 14 2006 - 14:38:55 ART
If you only want to generate traps (and you don't want
you router to reply to SNMP GET requests) then the
snmp-server host command is enough, but remember to
enable traps as well.
Just try it out.
Ex. Enable OSPF traps:
snmp-server enable traps ospf
snmp-server host <host address> <community string>
ospf
deb ip snmp packet
Note that for <host address> you can take whatever
address you want, the SNMP process is not going to
check if the address is reachable while generating the
trap
Sabrina
--- Radoslav Vasilev <deckland@gmail.com> wrote:
> Hi Group,
>
> Simple question regarding the Cisco's recommended
> way snmp traps should be
> configured.
> From the ``snmp-server host`` command reference,
> particularly the community
> option description:
>
> <docd>
> The password-like community string sent with the
> notification operation.
> Though you can set this string with the *snmp-server
> host* command by
> itself, Cisco recommends that you define this string
> with the *snmp-server
> community* command before you issue the *snmp-server
> host* command.
>
> </docd>
>
> Basically, as an example:
>
> snmp-server community blabla 10
> snmp-server host 1.1.1.1 blabla
> access-list 10 deny any
>
> I'm sure you've seen that way of configuring, so
> basically while satisfying
> the cisco recommendation of explicitly configuring
> the community with
> `snmp-server community`` command, they make sure
> nobody is capable of
> polling the device with the same string (lab
> requirenments reasons).
>
> My question: why do we need to additionally use the
> snmp-server community
> for the trap community string?
> If the requirenment is to create a "trap-only"
> community, shouldn't that be
> enough:
>
> snm-server host 1.1.1.1 blabla ...
>
> Thanks for your help!
> Rado
>
>
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:57 ART