Use this window to configure the information needed to receive trap information from the devices on your network. The window has two tabs. The Configuration tab lets you create a list of trap receiver addresses. These are the addresses of the systems that will receive trap information from your network devices. The snmptrapd tab is where you configure the information that is required to allow the NetSight SNMP Trap Service (snmptrapd) to receive Trap and Inform messages from your network devices that are using SNMPv3.
To access this window, right-click on one or more devices in the Console left-panel tree and select Trap Receiver Configuration.
Configuration Tab
| CAUTION: | When there are multiple installations of NetSight Console on your network, it is possible for another
Console to be altering device trap configuration settings at the same time. To reduce the possibility of
configuration conflicts you should Retrieve
the current trap receiver settings and check for conflicts prior to applying your specific trap receiver configuration settings.
After retrieving the current settings, you must select specific devices (or all devices) before you can
apply settings. In spite of this precaution, there remains a remote chance that changes applied between
retrieving and applying will overwrite changes made from another Console Trap Receiver Configuration window.
|
|---|
Click areas in the window for more information.
Trap Receiver Configuration Table
Use this table to create a list of trap receiver addresses to apply to your
devices. When the Trap Receiver Configuration window is initially opened, this table lists the Console workstation
as the only trap receiver. Click the Update From All/Selected Devices
button to update the table with trap receiver information from the selected devices.
You can also manually add trap receivers to the table. To add a new trap receiver, right-click on an
existing row and select Insert Row. A new row will be created above the selected row.
(Tabbing past the last row will also create a new row.) Tab through the table
columns and modify each entry as desired.
- Configure
- Check this checkbox if you want this particular trap receiver entry to be set on the selected devices when you Apply your trap receiver configuration settings.
- Priority
- Use this column to specify the order in which trap receiver entries will be set on the selected devices, with the lowest number having the highest priority. When you Apply your trap receiver settings, Console writes the Trap Receiver IPs to each device in order, starting with the highest priority (the lowest number) until all are written or a device cannot accept any more.
- Trap Receiver IP
- The IP address for a trap receiver (the system where devices will send traps). Trap receivers systems must be running an SNMPTrap Service.
- Trap Credential (community or user)
- The credential used by the device when sending traps. This field will contain a community name when the device is using
an SNMPv1/2 credential or a user name for an SNMPv3 credential. The information
is displayed in the following format:
credential(community name or user name):snmp version
where credential is the credential name in Console that uses the community name or user name (within parentheses), and the snmp version which is either v1, v2c, or v3.When the credential appears within angle brackets (< credential name>), it indicates that the community or user name could not be found among the credentials created in Console. When this happens, a temporary credential name is created, derived from the community or user name on the device. For example, if the community name on the device is security, and there is no credential in Console with that community name, this column will show <security> as the credential. If a second device is found with the community or user name security, its temporary credential will be displayed as <security-2>.
NOTE: E1 devices: If you have set the Trap Credential to the community name set on the device and cannot receive traps, it is because you must use the Security_User_Name that is mapped to the community name in the device. E1 devices map the SNMPv1 community name (by default public) to the Security_User_Name (by default, initial). To determine the mapping in a particular device, use the device Local Management (CLI), show snmp community command to determine the Security_User_Name associated with the community name. Then, enter the Security_User_Name as the Trap Community.
- Remove or update existing trap receiver IPs on devices during Apply operation
- When checked, an Apply operation will update the Trap Configuration table on the devices
to match the enabled entries in this table, by adding, modifying (updating community names), and removing entries
as necessary. Entries on the device that were created via CLI are never deleted
or modified.
When unchecked, an Apply operation will add entries from this table to the devices Trap Configuration table. Existing entries on the devices are not modified in any way and no duplicate addresses are created.
This table lists the devices that were selected in the Console left-panel tree when the Trap Receiver Configuration window was opened, and their trap receiver information.
- Status Icon
- The status icon for the selected device indicates one of the following conditions:
- an Apply to All/Selected devices operation will
apply trap receiver configuration settings to this device.
- the device has a warning status that will
interfere with the application of some or all of the enabled trap receivers to this device. The status column will
indicate the reason for the warning (Not Supported, Unable to Contact, Configuration Table Full, or Not Enough Room
in Configuration Table, etc.).
- X - this device will be excluded or has been excluded from an operation. The status column will indicate the reason (Stopped or an error occurred while attempting to Apply).
- Blank - either the row is not selected or the trap receivers configured on the device match the trap receiver table list.
- Trap Support
- Indicates whether trap configuration is supported by the selected device: Supported/Not Supported.
- Receiver (community or user)
- This is a comma-separated list of the information for each of the trap
receivers configured on the device when the Trap Receiver Configuration window was opened.
The information is formatted as follows:
(ip address(community name or user name):snmp version:type)
where:
ip address - the IP address of the trap receiver.
credential - the credential name being used with the trap/inform message.
snmp version - either v1, v2c, or v3.
type - the type of message: I for informs, T for traps.
- Status
- Shows the current status of Apply or Update operations:
- Reading - Update From All/Selected devices in progress
- Complete - Update or Apply finished
- Setting - Apply to All/Selected devices in progress
- Error - Operation unsuccessful for the device (e.g., no such name, insufficient access level, request timed out, etc.) Details are also recorded in Event log
- Warning - Operation partially successful. This can occur when trap receiver configuration is not supported or has a limitation in the selected device (e.g., Trap Receiver configuration not supported, Trap Receiver Table Full, Not enough room to store all trap receivers)
- Apply to All/Selected devices Button
- Apply operations write (set) the trap receiver IPs listed in the Trap Receiver Configuration table to the selected devices. This button changes depending on whether or not devices are selected (highlighted) in the Trap Receivers on Devices table. With no devices selected, the operation is performed on all devices.
- Update From All/Selected devices Button
- Update operations retrieve the current trap receiver information from the devices and add it to the Trap Receiver Configuration table. This button changes depending on whether or not devices have been selected in the Trap Receivers on Devices table. With no devices selected, the operation is performed on all devices.
- Retrieve Button
- Retrieves the latest trap receiver information from the devices and updates the Trap Receivers on Devices table.
snmptrapd Tab
Use this tab to configure the information that is required to allow NetSight's SNMP Trap Service (snmptrapd) to receive Trap and Inform messages from your network devices that are using SNMPv3.
| NOTES: |
|
|---|
- Inform messages require only a User ID and Credentials for a user configured on the device. You should not configure an Engine ID for devices sending Inform messages.
- Trap messages require a User ID and Credentials for a user configured on the device, as well as the Engine ID of the SNMPv3 agent running on the device. You must configure an Engine ID for each device that will be sending SNMPv3 Trap messages.
If this information is not provided as part of the SNMP Trap Service configuration, Inform messages are dropped by the SNMP Trap Service. They do not appear in the Console's Trap/Event log and they are not acknowledged by the SNMP Trap Service.
| NOTE: | When configuring the SNMP Trap Service to receive Trap messages from an Extreme Networks IPS device, the User ID, Credentials, and Engine ID must match the Security Name, Auth Password/Priv Password, and Security Engine, respectively.
Do not use the Engine ID returned by the Extreme Networks IPS device in response to the query that is performed when the snmptrapd Configuration window is opened. |
|---|
Click areas in the window for more information.
Credential Table
The process for obtaining the information presented in the Credential Table is
as follows. When you open the Trap Receiver Configuration window and select the snmptrapd tab, the devices you have selected in the Console left-panel tree are queried for their Engine IDs. A Ping
and a SNMPv1 sysUpTime request are also sent. If a device does not respond
to the Engine ID query, but responds to a Ping or sysUpTime, then the device
is determined to be a non-SNMPv3 device. The information from the current snmptrapd.conf
file is also read and stored. As Engine IDs are returned from the devices, they are compared with the entries already
in the table to see if the Engine ID has been configured previously.
As information from the network is returned, the Credential table is updated. The Credential Name column can be edited by clicking on the column to display a drop-down list that contains all SNMPv3 credentials from the NetSight database. Once edits are made, the table is updated and an asterisk is displayed in the Modified column to show which rows were changed. The configuration file is not updated when the table is edited. Instead, the Save button must be used to update the configuration file with any changes that have been made. Closing the window without saving discards the changes.
- IP Address
- When the Trap Table is initially opened, the IP Address column lists the IP addresses for all the devices selected in the left-panel tree. This column will be blank when entries are manually added using the Add Entry button.
- Display Name
- The name that will be displayed for this device in Console's left-panel tree. The display name can be set in the Suite-Wide Options window to the device's IP Address, System Name, or Nickname.
- Engine ID
- This column lists the Engine ID of the SNMPv3 agent associated with the selected device(s). This entry is blank when the Status is reported as In progress, No EngineID, or Not Reachable. The Engine ID column is also blank if no Engine ID is supplied when entries are manually added using the Add Entry button. To enter an Engine ID for a manually added entry, double-click the Engine ID cell, and type an Engine ID followed by Enter.
- Status
- This column displays information about the associated device. Potential status entries include:
- In progress - An Engine ID query, Ping and sysUpTime query are in progress. This status appears when the window is initially opened or for a short time after clicking the Get Engine ID button.
- No EngineID - The query for the Engine ID has timed out for the associated device, but a response to either the Ping or the SNMPv1 sysUpTime request was received. The associated device is not configured for SNMPv3.
- Engine ID received - An Engine ID was received from the associated device and it does not match any entry in the configuration file. The same Engine ID may be associated with more than one device. The Duplicate Engine ID column indicates the number of devices sharing a particular Engine ID.
- In the file - An Engine ID was received from the associated device, and it matches an entry in the snmptrapd.conf configuration file.
- Not reachable - All requests (Engine ID, Ping, and sysUpTime) to the IP Address have timed out.
- Added by user - This status appears when rows are added using the Add Entry button.
- Duplicate Engine ID
- Some devices can have multiple IP Addresses sharing the same Engine ID. This column shows the number of IP addresses sharing the Engine ID returned from the associated device.
- Credential Name
- This column shows the credential of the SNMPv3 agent that is the source of the Trap or Inform information in the device. In the case of Trap messages, when there is an Engine ID in the row and that Engine ID already exists in the configuration file, then the
credential associated with the Engine ID in the file will be compared against the one assigned to the device in the NetSight database. If the
credential is the same, the credential and Engine ID from the device will be used to identify the device sending traps or inform messages. If the
credential does not match, a new credential will be created with a unique name, and it will appear in the Credential
Name column. Saving the trap information will add the new credential to the database.
If the device does not have an SNMPv3 profile in the database, the Read Only credential for the default Profile in the database is assigned to the device. If no credential is assigned in the database, the credential entry remains a double hyphen ( -- ).
You can edit the Credential Name column for entries that list a valid credential. Click on the column to display a drop-down list that contains all SNMPv3 credentials from the NetSight database.
- Credential Information
- This column shows the settings for the associated Credential Name. The source of the credential information is:
- The credential information settings in the NetSight database,
- The snmptrapd.conf file when an Engine ID matches an entry in the snmptrapd.conf file,
- Manually added entries using the Add Entry button.
- Modified
- Indicates with an asterisk (*) all table entries that do not have a matching entry in the Text area, either because it was just initialized when the application was launched or because it was added with the Add Entry button. When an entry that has been added or modified has a matching entry in the Text area or when a modified entry is entered into the Text area using the Add to File button, the Modified column is cleared for the entry.
- Text
- This area is a text editor where you can make changes to the snmptrapd.conf file. It displays the entire, unfiltered contents of the snmptrapd.conf file. Save writes the file, using the complete text from this area.
- Status Line
- As the devices information returns, the status line is updated and a progress bar indicates the percentage of devices that have been resolved. The status bar indicates the total number of devices to process, the number of devices whose Engine IDs have been received, the number of devices determined to be non-SNMPv3, and the number of devices that have not responded after all timeouts and retries have been exhausted.
- Add Entry Button
- This button lets you add new entries to the Credential Table. The Credential Name column will display the Read Only credential for the default Profile. The Engine ID and Credential Name columns are editable for rows being added. The Credential Name drop-down list contains all of the SNMPv3 credentials available from the NetSight database. An Engine ID is only necessary for devices sending trap messages. It is not necessary for Informs. An error is reported when the Engine ID being entered matches another Engine ID in the table.
- Get EngineID Button
- This button starts the process of requesting the Engine IDs again, in the same fashion as when the window is first opened, to update the table information. The process only attempts to contact devices whose IP address appear in the table.
- Save Button
- Writes the changes you have made to the snmptrapd.conf file. The file is located on the server in <install directory>\appdata directory.
For information on related windows:
For information on related tasks:
For information on related concepts:
