文章出处:net123.jimdo.com
文章出处:net123.jimdo.com
一、JUNIPER设备
1.Snmp的配置
set system static-host-mapping E450 inet 192.168.1.45
set system syslog user * any emergency
set system syslog host E450 any any
set system syslog host 192.168.1.251 any any
set snmp community net123 authorization read-write
set snmp community net123 clients 192.168.1.251
set snmp community net123 clients 192.168.1.251
set snmp community net123 clients 0.0.0.0/0
set snmp trap-group <group-name> version all
set snmp trap-group <group-name> authentication chassis configuration link remote-operations rmon-alarm routing startup vrrp-events
set snmp trap-group <group-name> targets 192.168.1.45
set snmp trap-options source-address lo0
set routing-options options syslog level emergency alert critical error warning notice info debug
commit
1.Snmp的配置
set system static-host-mapping E450 inet 192.168.1.45
set system syslog user * any emergency
set system syslog host E450 any any
set system syslog host 192.168.1.251 any any
set snmp community net123 authorization read-write
set snmp community net123 clients 192.168.1.251
set snmp community net123 clients 192.168.1.251
set snmp community net123 clients 0.0.0.0/0
set snmp trap-group <group-name> version all
set snmp trap-group <group-name> authentication chassis configuration link remote-operations rmon-alarm routing startup vrrp-events
set snmp trap-group <group-name> targets 192.168.1.45
set snmp trap-options source-address lo0
set routing-options options syslog level emergency alert critical error warning notice info debug
commit
2.NetFlow配置
set firewall filter gd-ipnet-m160-1 term net123 then sample
set firewall filter gd-ipnet-m160-1 term net123 then accept
set interfaces ge-4/1/1 unit 0 family inet filter input net123 "在ge-4/1/1口上对input包作采样
set interfaces ge-4/1/1 unit 0 family inet filter output net123 "对output包作采样
set forwarding-options sampling input family inet rate 1000 "采样率为1000
set forwarding-options sampling input family inet run-length 0
set forwarding-options sampling output cflowd 211.139.136.108 port 3055 "接受NetFlow采样包的目的主机为211.139.136.108
set forwarding-options sampling output cflowd 211.139.136.108 version 5
set forwarding-options sampling output cflowd 211.139.136.108 no-local-dump
set forwarding-options sampling output cflowd 211.139.136.108 autonomous-system-type origin "origin和peer选一
commit
"在这里,sampling_rate=(run_length+1)/rate,
" 即sampling_rate=(1+1)/1000
"(set forwarding-options sampling input family inet run-length 1 "run-length缺省为0)
" 即sampling_rate=(1+1)/1000
"(set forwarding-options sampling input family inet run-length 1 "run-length缺省为0)
3.SLA配置
set snmp view ping-view oid .1.3.6.1.2.1.80 include "ping-mib
set snmp view ping-view oid .1.3.6.1.4.1.2636.3.7 include
"set snmp view ping-view oid .1.3.6.1.2.1.81 include "traceroute-mib
"set snmp view ping-view oid .1.3.6.1.4.1.2636.3.8 include
set snmp community ping-community authorization read-write
set snmp community ping-community view ping-view
set snmp community ping-community clients 211.139.136.108
commit
set snmp view ping-view oid .1.3.6.1.2.1.80 include "ping-mib
set snmp view ping-view oid .1.3.6.1.4.1.2636.3.7 include
"set snmp view ping-view oid .1.3.6.1.2.1.81 include "traceroute-mib
"set snmp view ping-view oid .1.3.6.1.4.1.2636.3.8 include
set snmp community ping-community authorization read-write
set snmp community ping-community view ping-view
set snmp community ping-community clients 211.139.136.108
commit
4.采样进程的停止与重新启动
先查出sampled进程的PID号:
juniper>show system processes extensive
再juniper>start shell
%su
#kill PID号
退出:#exit
%exit
如果要重新开起sampled进程:
juniper>restart sampling immediately
juniper>restart sampling immediately
二、CISCO设备
1、snmp、traps:
router#config t
router(config)#snmp community net123 rw
router(config)#snmp host 192.168.1.45 traps version 2c xxxxxxxx
router(config)#snmp enable traps
router(config-if)#snmp trap link-status
2、syslog:
router(config)#logging 192.168.1.45
router(config)#logging source-interface loopback0
router(config)#logging 192.168.1.45
router(config)#logging source-interface loopback0
3、netflow:
cisco目前还不支持双向netflow,缺省是针对input
router(config-if)#ip route-cache flow sampled "GSR支持sampled参数,其他的可能不支持sampled参数
router(config)#ip flow-export version 5 origin-as as_id
router(config)#ip flow-export destination 192.168.1.45 3055
router(config)#ip flow-sampling-mode packet-interval 1000
router#ip flow-export source Loopback0
router#show ip flow sampling
router#show ip flow export
router#show ip cache flow "这些命令查看netflow的状态
router(config-if)#ip route-cache flow sampled "GSR支持sampled参数,其他的可能不支持sampled参数
router(config)#ip flow-export version 5 origin-as as_id
router(config)#ip flow-export destination 192.168.1.45 3055
router(config)#ip flow-sampling-mode packet-interval 1000
router#ip flow-export source Loopback0
router#show ip flow sampling
router#show ip flow export
router#show ip cache flow "这些命令查看netflow的状态
从12.1(3)T版本开始,cisco IOS允许netflow发给多个目的主机(当前版本最多支持2个)。
(12.2T)
(rsp-jsv-mz.123-4.T1.bin ,最少128M mem,最少32M flash MEM。)
(12.2T)
(rsp-jsv-mz.123-4.T1.bin ,最少128M mem,最少32M flash MEM。)
4、PIX防火墙
PIX: conduit permit icmp any any
conduit permit tcp host 172.10.17.141 eq 5016 host 139.126.254.1
conduit permit udp any host 132.96.20.9
route outside 10.3.81.0 255.255.255.0 172.10.17.150 1
snmp-server host outside 132.96.20.9 poll
no snmp-server location
no snmp-server contact
snmp-server community net123
snmp-server enable traps
PIX: conduit permit icmp any any
conduit permit tcp host 172.10.17.141 eq 5016 host 139.126.254.1
conduit permit udp any host 132.96.20.9
route outside 10.3.81.0 255.255.255.0 172.10.17.150 1
snmp-server host outside 132.96.20.9 poll
no snmp-server location
no snmp-server contact
snmp-server community net123
snmp-server enable traps
PIX的规则:
外网的地址不能访问pix的outside接口的地址的
如果要访问inside接口的地址的话
那需要做nat
把采集机地址映射成内网的一个地址
然后才能snmp访问inside接口
如果不做nat要snmp访问inside接口的话
必须要走ipsec方式
外网的地址不能访问pix的outside接口的地址的
如果要访问inside接口的地址的话
那需要做nat
把采集机地址映射成内网的一个地址
然后才能snmp访问inside接口
如果不做nat要snmp访问inside接口的话
必须要走ipsec方式
三、华为设备
1、huawei R3640EP:
[router]display saved-config !查看保存的配置
[router]undo ..... !相当于cisco里的no命令
[router]interface loopback1
[router-loopback1]ip address 1.1.1.1 255.255.255.255
[router]snmp-agent community read net123
[router]snmp-agent sys-info version all
[router]snmp-agent trap enable
[router]snmp-agent trap source loopback 0
[router]snmp-agent target-host trap address 10.243.191.2 parameters v1 port 162 securityname public
[router]info-center enable
[router]info-center loghost 0 10.243.191.2 514 Chinese
[router]info-center loghost 1 10.243.191.3 514 Chinese
[router]save
[router]logout
2、其它型号的:
huawei router:
<router>sys
[router]snmp-agent community read net123
huawei router:
<router>sys
[router]snmp-agent community read net123
[router]snmp-agent sys-info version all
[router]snmp-agent trap enable
[router]snmp-agent trap source loopback 0
[router]snmp-agent target-host trap address udp-domain *.*.*.* udp-port 162 params securityname net123
[router]snmp-agent trap enable
[router]snmp-agent trap source loopback 0
[router]snmp-agent target-host trap address udp-domain *.*.*.* udp-port 162 params securityname net123
[router]quit
<router>save
<router>save
四、3COM设备
1)进入菜单:system/management/snmp/community
ENTER new community for user 'admin'[admin] : 回车
ENTER new community for user 'manager' [XXX] : 回车
ENTER new community for user 'monitor' :设置 SNMP community string.
1)进入菜单:system/management/snmp/community
ENTER new community for user 'admin'[admin] : 回车
ENTER new community for user 'manager' [XXX] : 回车
ENTER new community for user 'monitor' :设置 SNMP community string.
2)进入菜单:system/management/snmp/trap/create
enter the trap community string [monitor]: 回车
enter the trap destination address: 192.168.9.157
NS防火墙
系统日志和SNMP:
set syslog enable
set syslog config 10.20.1.2 auth/sec local0
set syslog config 172.10.16.25 local0 local0
set syslog port 514
set syslog traffic
set syslog ***
set log module system level notification destination syslog
set log module system level notification destination webtrends
enter the trap community string [monitor]: 回车
enter the trap destination address: 192.168.9.157
NS防火墙
系统日志和SNMP:
set syslog enable
set syslog config 10.20.1.2 auth/sec local0
set syslog config 172.10.16.25 local0 local0
set syslog port 514
set syslog traffic
set syslog ***
set log module system level notification destination syslog
set log module system level notification destination webtrends
set snmp community remote_admin read-write trap-on
set snmp community JCarney read-only trap-on
set snmp community TCooper read-write trap-on traffic
set snmp ***
set snmp contact John Fisher
set snmp location Miami
set snmp host remote_admin 10.20.1.2
set snmp host JCarney 172.16.20.181
set snmp host JCarney 172.16.40.245
set snmp host JCarney 172.16.40.55
set snmp host TCooper 172.16.20.250
save
set snmp community JCarney read-only trap-on
set snmp community TCooper read-write trap-on traffic
set snmp ***
set snmp contact John Fisher
set snmp location Miami
set snmp host remote_admin 10.20.1.2
set snmp host JCarney 172.16.20.181
set snmp host JCarney 172.16.40.245
set snmp host JCarney 172.16.40.55
set snmp host TCooper 172.16.20.250
save
五、SUMMIT设备
# SNMP Configuration
configure snmp add trapreceiver 169.254.70.255 community "ST.-1442953473.10550"
# SNMP Configuration
configure snmp add trapreceiver 169.254.70.255 community "ST.-1442953473.10550"
configure snmp add trapreceiver 169.254.70.255 community "ST.-1442953473.10550"
configure snmp delete community readonly all
configure snmp delete community readwrite all
configure snmp add community readonly V5rypted "rykfcb"
configure snmp add community readwrite V5rypted "r~`|kug"
configure snmp sysName "Summit200-24"
configure snmp delete community readwrite all
configure snmp add community readonly V5rypted "rykfcb"
configure snmp add community readwrite V5rypted "r~`|kug"
configure snmp sysName "Summit200-24"
六、Solaris系统网管告警配置需求
一、对于snmp需要进行如下配置(包括trap):
1、修改/etc/snmp/conf/snmpd.conf文件,使相关内容如下
system-group-read-community net123
read-community net123
trap 172.16.63.129
2、root用户重新启动snmpd进程
/etc/rc3.d/S76snmpdx stop|start
二、对于syslog需要进行如下配置:
1、修改/etc/hosts文件,在文件末尾加入:
10.25.25.46 loghost1
2、修改/etc/syslog.conf在文件末尾增加下面一行
*.info @loghost1
注:*.info与@loghost1之间是TAB键
3、root用户重新启动syslog服务
/etc/rc2.d/S74syslog stop|start
1、修改/etc/snmp/conf/snmpd.conf文件,使相关内容如下
system-group-read-community net123
read-community net123
trap 172.16.63.129
2、root用户重新启动snmpd进程
/etc/rc3.d/S76snmpdx stop|start
二、对于syslog需要进行如下配置:
1、修改/etc/hosts文件,在文件末尾加入:
10.25.25.46 loghost1
2、修改/etc/syslog.conf在文件末尾增加下面一行
*.info @loghost1
注:*.info与@loghost1之间是TAB键
3、root用户重新启动syslog服务
/etc/rc2.d/S74syslog stop|start
转载于:https://blog.51cto.com/mwt666/300624
2763
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
