"snmp-server enable traps" just enables the switch/router to begin sending trap events as they occur to the host that you provided in the "snmp-server host" command. Once you turn it on... issue the "show run" command and you'll see that the switch actually enabled a bunch more automatically for you. The "snmp-server community" command is what needs to be setup to allow an SNMP station to poll it for information (Read Only), or write information to it (Read Write). For simple SNMPv1, I like to use this config:
access-list 99 permit 192.168.1.0 0.0.0.255 snmp-server community R3aD0n1Y R3adWr1t3 99 snmp-server location 1234 Some Street, Nowhereville, NW snmp-server contact John Smith - (123) 555-1212 snmp-server chassis-id CATSWITCH01 For a more secure implementation, look into v2 or v3 of SNMP as they add encryption and authentication to messages that traverse the wire. Hope this helps! Aaron T. Rohyans Senior Network Engineer CCIE #21945, CCSP, CCNA, CQS-Firewall, CQS-IDS, CQS-VPN, ISSP, CISP, JNCIA-ER DPSciences Corporation 7400 N. Shadeland Ave., Suite 245 Indianapolis, IN 46250 Office: (317) 849-6772 x 7626 Fax: (317) 849-7134 [email protected] <mailto:[email protected]> http://www.dpsciences.com/ From: Joe Heaton [mailto:[email protected]] Sent: Wednesday, January 07, 2009 2:38 PM To: NT System Admin Issues Subject: Cisco Catalyst command question I need to enable SNMP on my Catalyst. I've found 3 SNMP commands, and need to know which/how to use them: Snmp-server enable traps - Is this the command to enable SNMP? How do I use this generically, to simply turn snmp on so that my network monitoring tool can identify the box, and monitor the ports? Snmp-server host - Do I need to specify the machine that's going to be doing snmp queries, or can I just leave it open? Is it dangerous not to specify a host? Snmp-server community - self explanatory, to set the community string, with the access rights. >From what I'm reading in the Command Reference, it appears that I want to use the snmp-server host command, specify the specific host, and leave it at that. Is that the "approved" method? Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 [email protected] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
