RE: Enable sending just RMON trap

From: Carlos Galvez (galvezc.ccie@gmail.com)
Date: Fri Apr 04 2008 - 10:42:38 ART

• Next message: Navid Daghighi: "PST or PDT ? (IEWB lab 11 & 12)"
• Previous message: Scott Morris: "RE: Cat QoS VoD"
• Maybe in reply to: CCIE: "Enable sending just RMON trap"
• Next in thread: Carlos Galvez: "RE: Enable sending just RMON trap"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi,

Actually the line:

snmp-server host 130.1.17.100 IETRAP

Has nothing to do with RMON (or you did not paste the whole SNMP
configuration).. it will just redirect SNMP Traps to that address with that
RO community string, the issue here is the next line:

snmp-server enable traps

You enabled traps globally which means the device will send traps like crazy
for every single event going on. You can restrict the MIBs that will be
allowed to be monitored on the device and can go as specific as which OID
will be allowed to be sent. We have 2 ways to do this.

1. Under config mode enable traps but only for the services that you are
interested in (and remember to remove the line " snmp-server enable traps")

2. Configure SNMP Views (this one is a little more complicated but a whole
more secure) for the MIBs that will be allowed to be monitored on the
device.

Let me get you some links...

RMON configuration:
http://www.cisco.com/en/US/tech/tk961/technologies_configuration_example0918
6a0080093e96.shtml

How to chose the OIDs to be sent:
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080
094a05.shtml

You have to always take care when using SNMP, I really recommend v3 which is
also fun to configure, anyway here is a link for SNMP hardening.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080
120f48.shtml

SNMP Views
http://www.cisco.com/en/US/docs/ios/12_4/netmgmt/configuration/guide/htnmsnm
p.html

Hope this helps.
Carlos Galvez

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of CCIE
Sent: Friday, April 04, 2008 12:19 AM
To: ccielab@groupstudy.com
Subject: Enable sending just RMON trap

Dear Experts,

Once I configure RMON to send it warnings to an snmp server

snmp-server host 130.1.17.100 IETRAP

snmp-server enable traps ! How I could restrict to send just RMON
traps instead of just enable all the traps support on my system

Regards,

Amin

• Next message: Navid Daghighi: "PST or PDT ? (IEWB lab 11 & 12)"
• Previous message: Scott Morris: "RE: Cat QoS VoD"
• Maybe in reply to: CCIE: "Enable sending just RMON trap"
• Next in thread: Carlos Galvez: "RE: Enable sending just RMON trap"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu May 01 2008 - 08:25:50 ART