SNMPv2 Server


Scenario:

The Agency has created a new security policy and since you are part of the security team you need to help them implement them. Some changes on the network have to be implemented through SNMPv2 and it’s up to you to configure your router as a SMPv2 agent.

Goal:

  • All IP addresses have been preconfigured for you.
  • Optional: You can use the cloud interface to connect your router to a free syslog server like Kiwi Syslog Server (also works for SNMPv2).
  • Configure router Agent so it uses community string “VAULT”.
  • Configure router Agent so the SNMP contact is “007”.
  • Configure router Agent so the SNMP location is “Agency”.
  • Configure router Agent so the largest SNMP packet is 1500.
  • Configure router Agent so the router can be reloaded through SNMP.
  • Configure router Agent so only network 192.168.12.0 /24 is allowed to contact the router. Dropped packets should be logged.
  • Configure router Agent so it has a community string called “README”. This should only be used for read-only access.
  • Configure router Agent to traps are sent to SNMPv2 server IP address 192.168.12.2. Use community string “VAULT”.
  • Configure router Agent so it informs a device with IP address 192.168.12.3. Use community string “VAULT”.
  • Create a loopback0 interface on router Agent with IP address 1.1.1.1 /24.
  • Configure router Agent so it doesn’t send any traps or informs when something happens with the loopback0 interface.
  • Configure router Agent so it generates a trap when a new OSPF LSA is originated.

IOS:

c3640-jk9s-mz.124-16.bin

Topology:

SNMP v2 server

Configuration Files

You need to register to download the GNS3 topology file. (Registration is free!)

Once you are logged in you will find the configuration files right here.

Opt In Image
Do you want your CCNA or CCNP Certificate?

The How to Master series helps you to understand complex topics like spanning-tree, VLANs, trunks, OSPF, EIGRP, BGP and more.

Written by René Molenaar - CCIE #41726

You May Also Like

About the Author: Rene Molenaar

René - CCIE #41726 is the creator of GNS3Vault.com where he shares CCNA, CCNP and CCIE R&S labs. He also blogs about networking on http://networklessons.com

2 Comments

  1. snmp-server community VAULT RO 1
    snmp-server community README RO 1
    snmp-server location Agency
    snmp-server contact 007
    snmp-server system-shutdown
    snmp-server enable traps ospf lsa lsa-originate
    snmp-server host 192.168.12.3 inform version 2c VAULT
    snmp-server host 192.168.12.2 version 2c VAULT

    R1#sh ip access-lists 1
    Standard IP access list 1
    10 permit 192.168.12.0, wildcard bits 0.0.0.255 log

    R1#sh run int lo 0
    interface Loopback0
    ip address 1.1.1.1 255.255.255.255
    no snmp trap link-status

Comments are closed.