SNMP inform trap
- SRXでは以下でinformTRAPは送信できる。
- v2cでセキュリティは設定せず、trapのみを検知送信する要件
- SNMPCOMMUNITYはpublic等 設定環境に合わせること。
- クエリソースの制限ACLについては検討
root@srx100h# show snmp
v3 {
target-address NNM {
address 192.168.1.10;
target-parameters NNM-PARAM;
}
target-parameters NNM-PARAM {
parameters {
message-processing-model v2c;
security-model v2c;
security-level none;
security-name SNMPCOMMUNITY;
}
}
notify NOTIFY {
type inform;
}
}
community SNMPCOMMUNITY;
[edit]
root@srx100h#
root@srx100h# show snmp | display set
set snmp v3 target-address NNM address 192.168.1.10
set snmp v3 target-address NNM target-parameters NNM-PARAM
set snmp v3 target-parameters NNM-PARAM parameters message-processing-model v2c
set snmp v3 target-parameters NNM-PARAM parameters security-model v2c
set snmp v3 target-parameters NNM-PARAM parameters security-level none
set snmp v3 target-parameters NNM-PARAM parameters security-name SNMPCOMMUNITY
set snmp v3 notify NOTIFY type inform
set snmp client-list NNMhosts 192.168.1.0/24
set snmp community SNMPCOMMUNITY authorization read-only
set snmp community SNMPCOMMUNITY client-list-name NNMhosts
- デフォルトリトライ値等は以下
root@srx100h# show | display detail
##
## v3: SNMPv3 configuration information
##
##
## SNMP target address name
## range: 1 .. 32
##
target-address NNM {
##
## address: SNMP target address
##
address 192.168.1.10;
##
## port: SNMP target port number
##
## default: 162
##
## timeout: Acknowledgment timeout for confirmed SNMP notifications
## units: seconds
##
## default: 15
##
## retry-count: Maximum retry count for confirmed SNMP notifications
## range: 0 .. 255
##
## default: 3
##
## target-parameters: SNMPv3 target parameter name in the target parameters table
## range: 1 .. 32
##
target-parameters NNM-PARAM;
}
##
## SNMPv3 target parameters name
## range: 1 .. 32
##
target-parameters NNM-PARAM {
##
## parameters: Parameters used when sending notifications
##
parameters {
##
## message-processing-model: The message processing model to be used when generating SNMP notifications
##
message-processing-model v2c;
##
## security-model: Security-model used when generating SNMP notifications
##
security-model v2c;
##
## security-level: Security-level used when generating SNMP notifications
##
security-level none;
##
## security-name: Security name used when generating SNMP notifications
## range: 1 .. 32
##
security-name SNMPCOMMUNITY;
}
}
##
## Notify name
## range: 1 .. 32
##
notify NOTIFY {
##
## type: Notification type
## default: trap
##
type inform;
}
[edit snmp v3]
root@srx100h#
通常設定
set snmp client-list NNMhosts 192.168.1.0/24
set snmp community public authorization read-only
set snmp community public client-list-name NNMhosts
最終更新:2012年05月28日 06:11
