一、前言

SNMP(Simple Network Management Protocol,简单网络管理协议)的前身是简单网关监控协议(SGMP),用来对通信线路进行管理。随后,人们对SGMP进行了很大的修改,特别是加入了符合Internet定义的SMI和MIB:体系结构,改进后的协议就是著名的SNMP。SNMP的目标是管理互联网Internet上众多厂家生产的软硬件平台,因此SNMP受Internet标准网络管理框架的影响也很大。现在SNMP已经出到第三个版本的协议,其功能较以前已经大大地加强和改进了。

二、环境

wKioL1L8sy7BdZ7PAAHMI7uNvlg451.jpg

设备:

网管工作站   windows server 2003

fw-1和fw-2   防火墙H3C F100-C

SW-2         quidway S2000系列

Web server   CentOS6.4 32位

IP地址规划:

网管工作站  192.168.3.100/24

fw-1        

eth0/0      192.168.3.1/24

eth0/4      1.1.1.1/24

fw-2

eth0/0      192.168.4.1/24

eth0/4      1.1.1.2/24

SW-2    

vlan 1      192.168.4.10/24

Web server  192.168.4.100/24

需要软件:

What's_up_Gold

三、配置

网管工作站

安装SNMP

进入“控制面板→添加/删除windows组件→管理和监视工具→详细信息”

wKioL1L8t8PgDM8DAAC3A15Vp-k690.jpg

安装What's_up_Gold软件

fw-1

<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C]sysname fw-1
[fw-1]int eth0/0
[fw-1-Ethernet0/0]ip add 192.168.3.1 24
[fw-1-Ethernet0/0]int eth0/4
[fw-1-Ethernet0/4]ip add 1.1.1.1 24
[fw-1-Ethernet0/4]quit
[fw-1]firewall zone trust
[fw-1-zone-trust]add int eth0/0
 The interface has been added to trust security zone.
[fw-1-zone-trust]quit
[fw-1]firewall zone untrust
[fw-1-zone-untrust]add int eth0/4
[fw-1-zone-untrust]quit
[fw-1]ip route-static 192.168.4.0 24 1.1.1.2
[fw-1]snmp-agent
[fw-1]snmp-agent sys-info contact zhangsan
[fw-1]snmp-agent sys-info location main-jifang            
[fw-1]snmp-agent sys-info version all
[fw-1]snmp-agent community read public   
[fw-1]snmp-agent community write private
[fw-1]snmp-agent trap enable
[fw-1]snmp-agent target-host trap address udp-domain 192.168.3.100 udp-port 162 params securityname public

fw-2

<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C]sysname fw-2
[fw-2]int eth0/0
[fw-2-Ethernet0/0]ip add 192.168.4.1 24
[fw-2-Ethernet0/0]int eth0/4
[fw-2-Ethernet0/4]ip add 1.1.1.2 24
[fw-2]firewall zone trust
[fw-2-zone-trust]add int eth0/0
 The interface has been added to trust security zone.
[fw-2-zone-trust]quit
[fw-2]firewall zone untrust
[fw-2-zone-untrust]add int eth0/4
[fw-2]ip route-static 192.168.3.0 24 1.1.1.1
[fw-2]ping 1.1.1.1
  PING 1.1.1.1: 56  data bytes, press CTRL_C to break
    Reply from 1.1.1.1: bytes=56 Sequence=1 ttl=255 time=20 ms
    Reply from 1.1.1.1: bytes=56 Sequence=2 ttl=255 time=6 ms
    Reply from 1.1.1.1: bytes=56 Sequence=3 ttl=255 time=5 ms
    Reply from 1.1.1.1: bytes=56 Sequence=4 ttl=255 time=5 ms
    Reply from 1.1.1.1: bytes=56 Sequence=5 ttl=255 time=8 ms
  --- 1.1.1.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 5/8/20 ms
[fw-2]snmp-agent
[fw-2]snmp-agent sys-info contact lisi
[fw-2]snmp-agent sys-info location branch-jifang             
[fw-2]snmp-agent sys-info version all
[fw-2]snmp-agent community read public
[fw-2]snmp-agent community write private
[fw-2]snmp-agent trap enable
[fw-2]snmp-agent target-host trap address udp-domain 192.168.3.100 udp-port 162 params securityname public

SW1

<Quidway>system-view
Enter system view, return to user view with Ctrl+Z.
[Quidway]sysname SW1
[SW1]int vlan 1
[SW1-Vlan-interface1]ip add 192.168.4.10 255.255.255.0
[SW1]ip route-static 0.0.0.0 0.0.0.0 192.168.4.1
[SW1]ping 192.168.4.1
  PING 192.168.4.1: 56  data bytes, press CTRL_C to break
    Reply from 192.168.4.1: bytes=56 Sequence=1 ttl=255 time = 70 ms
    Reply from 192.168.4.1: bytes=56 Sequence=2 ttl=255 time = 20 ms
    Reply from 192.168.4.1: bytes=56 Sequence=3 ttl=255 time = 20 ms
    Reply from 192.168.4.1: bytes=56 Sequence=4 ttl=255 time = 20 ms
    Reply from 192.168.4.1: bytes=56 Sequence=5 ttl=255 time = 10 ms
  --- 192.168.4.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 10/28/70 ms
[SW1]snmp-agent sys-info contact lisi    
[SW1]snmp-agent sys-info location branch-jifang           
[SW1]snmp-agent sys-info version all
[SW1]snmp-agent community read public
[SW1]snmp-agent community write private
[SW1]snmp-agent trap enable
[SW1]snmp-agent target-host trap address udp-domain 192.168.3.100 udp-port 162 params securityname public
[SW1]local-user user1
New local user added.
[SW1-luser-user1]password simple 123
[SW1-luser-user1]service-type telnet level 3
[SW1-luser-user1]quit
[SW1]user-interface vty 0 4
[SW1-ui-vty0-4]authentication-mode scheme
[SW1-ui-vty0-4]quit

Web server

[root@localhost ~]# yum install httpd net-snmp
[root@localhost ~]# service httpd start
Starting httpd:                                            [  OK  ]
[root@localhost ~]# service snmpd start
Starting snmpd:                                            [  OK  ]

四、扫描拓扑

wKiom1L8uULAGKoAAABdt9Es7I4172.jpg

五、远程管理

选中设备单击右键“Connect”,即可远程管理。

wKioL1L8uX_jfNYXAABTDk_5cR0541.jpg