| Mike Leone on 7 Apr 2011 11:41:37 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| [PLUG] Advise on SNMP config on RHEL 5 needed |
I seem to be doing something not quite right here. I have a RHEL 5 server out on our DMZ. We use the Solar Winds monitoring programs to monitor our servers; it monitors by SNMP (among other things). So I had our firewall guy make sure that the firewall was configured to only allow SNMP traffic (UDP 161/162) from the DMZ only to my Solar Winds server, on the trusted LAN. That's working well for the 6 Windows servers also out on the DMZ; SW sees them, queries via SNMP, is identifying disks, NICs, etc. All that good stuff. What's not working right is the RHEL 5 machine I have out there as a FTP server. SolarWinds doesn't seem to be reading the SNMP from this machine correctly (it's not identifying it as Linux, for one thing, and it is do that properly for Debian machines I have on the trusted LAN). Here's what my snmpd.conf looks like: -------------------------------------- rwcommunity DMZ-RW rocommunity DMZ-RO syscontact Mike Leone (cell) my-cell-number-here syslocation Data Center (DMZ) com2sec DMZ-Monitoring default DMZ-RO group DMZ-MonitoringGroup v1 DMZ-Monitoring group DMZ-MonitoringGroup v2c DMZ-Monitoring (I added these next 3, because I saw them in examples. Don't have a clue what they do, or why I need them, or even if they're right ...) view systemview included .1.3.6.1.2.1.1 view systemview included .1.3.6.1.2.1.25.1.1 view all included .1 80 access DMZ-MonitoringGroup "" any noauth exact systemview none none -------------------------------------- snmpwalk seems to work: [root@phaserv1:/etc/snmp] $ snmpwalk -v 1 -c DMZ-RO localhost system SNMPv2-MIB::sysDescr.0 = STRING: Linux phaserv1.xxx.xxxxx.xxx 2.6.18-164.el5 #1 SMP Tue Aug 18 15:51:48 EDT 2009 x86_64 SNMPv2-MIB::sysObjectID.0 = OID: NET-SNMP-MIB::netSnmpAgentOIDs.10 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (70705) 0:11:47.05 SNMPv2-MIB::sysContact.0 = STRING: Mike Leone (cell) xxx-xxx-xxxx SNMPv2-MIB::sysName.0 = STRING: phaserv1.xxx.xxxxx.xxx SNMPv2-MIB::sysLocation.0 = STRING: Data Center (DMZ) So I am unsure why I'm not getting back the proper results from my SNMP scans. Ideally, I want to limit it to responding only to SNMP requests from a specific IP address, but I don't know how to tell it to do that. The external firewall is configured correctly for the subnet, since the Win machines on this same DMZ subnet are all being profiled correctly. When I do a scan for SnMP only with Solar Winds, it doesn't see the RHEL server at all. So it's something with this machine. Firewall on here, maybe? Looks like it's running iptables, which I don't know at all ... Anyone see anything untoward in my config? Thanks -- Michael J. Leone, <mailto:turgon@mike-leone.com> PGP Fingerprint: 0AA8 DC47 CB63 AE3F C739 6BF9 9AB4 1EF6 5AA5 BCDF Photo Gallery: <http://www.flickr.com/photos/mikeleonephotos> Network apparatchik and all-around drudge. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug