Configuring SNMP on Juniper MX

Posted byVyacheslav Leave a comment on Configuring SNMP on Juniper MX

For example, I will configure SNMP on Juniper MX204.

Let’s go to the configuration mode:

configure

Let’s move on to configuring snmp:

edit snmp

Let’s specify the community (instead of IXNFO.COM) and the IP address of the snmp client (in my case, the Zabbix server):

set community IXNFO.COM clients 192.168.5.5/32 authorization read-only

You can also execute the command from the main configuration mode:

set snmp community IXNFO.COM clients 192.168.5.5/32 authorization read-only

If there are many SNMP client IP addresses, then create a list and indicate it when adding community:

set client-list list0 192.168.3.0/24
set client-list list0 192.168.5.5/32
set community IXNFO.COM client-list-name list0 authorization read-only

If necessary, we will indicate the rest of the data to the device:

set name "ixnfo.com"
set description "TEST"
set location "TEST"
set contact "admin@ixnfo.com"

Let’s check the added SNMP configuration:

show

Let’s check the configuration and apply:

commit check
commit

After that SNMP v2 should work.

You can delete the entered command or community like this:

delete community IXNFO.COM
delete community IXNFO.COM clients 192.168.5.5/32

Or just restore the previous configuration:

rollback ?
rollback 0

Let’s exit the snmp hierarchy and check the snmp configuration again:

exit
show snmp
show | match snmp | display set

Here is an example of log entries when someone connects with the wrong community or from an unresolved IP address:

show log messages | last 10
SNMPD_AUTH_FAILURE: nsa_log_community: unauthorized SNMP community from x.x.x.x to x.x.x.x (public)
SNMPD_AUTH_RESTRICTED_ADDRESS: nsa_initial_callback: request from address x.x.x.x not allowed

To diagnose problems with SNMP, you can write more detailed logs to a separate file, I will give an example configuration:

set snmp traceoptions file SNMP size 1m
set snmp traceoptions flag general
set snmp traceoptions lag varbind-error

juniper.net/documentation/us/en/software/junos/network-mgmt/topics/ref/statement/traceoptions-edit-snmp.html

See also my articles:
SNMP OID for Juniper
SNMP OID and MIB for interfaces

Leave a comment

Leave a Reply