Enabling SNMP

It should be obvious that since you’re trying to manage a network, you should be able to use the network to help manage your network equipment. That’s the goal of the Simple Network Management Protocol (SNMP). This protocol enables network-management stations to gather information from network nodes. Network nodes can be almost anything, ranging from the simplest bridge to the largest router, and even including software running inside the servers. Virtually all modern network equipment includes an SNMP agent, which is the software that communicates with the management station. Network-management stations can run commercial management software, or they can use homegrown tools.

I will not try to give an introduction to SNMP, nor will I talk about management software.[1] In this section, I’ll briefly describe how to configure the SNMP agent in a Cisco router. If you’re not using SNMP, you can skip this section—though you should certainly investigate what SNMP can do for you.

By default, SNMP access is not enabled. To enable SNMP, use the command:

snmp-server community name mode access-list

The parameters are as follows:

name

The community string the management station will use to ask for information. This string acts like a password. SNMPv1’s implementation is insecure because the string travels across the network in clear text. Anyone snooping on your network will be able to see the community string pass back and forth. To improve security, use the access-list option. ...

Get CISCO IOS in a Nutshell now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.