Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] Example - Configuring SNMP Communities

0

0
Article ID: KB4223 KB Last Updated: 16 Jun 2020Version: 10.0 Summary:

This article provides information on how to configure SNMP communities.

Solution:

In this example, you will configure the Simple Network Management Protocol (SNMP) for two communities, named Marketing and Sales. In the first community, its members can read MIB II data and receive traps. In the second community, its members can read and write MIB II data, receive traps, and traffic alarms. The contact person is Jack Davis in Chicago. The Marketing community host IP addresses are 172.16.20.181, 172.16.40.245, and 172.16.40.55. The Sales community host is 172.16.20.250.

(CLI instructions are at the end of this article. Skip to CLI Instructions)

WebUI

  1. Open the WebUI. For more information on accessing the WebUI, read: KB4060 - Accessing Your NetScreen, SSG, or ISG Firewall Using the WebUI
  2. From the ScreenOS options menu, click Configuration, select Report Settings, and then click SNMP:

  3. In the System Contact text box, type a System Contact. In the Location text box, type a Location:

  4. Click Apply.
  5. From the SNMP page, click New Community:

  6. In the Community Name text box, type a Community Name. You can select the relevant permissions for the community and the correct version of SNMP:

  7. From Permissions, select Trap.
    Note: The MIB II system group variables - 'sysContact' and 'sysName' (which is the same as the host name of the NetScreen device) are read-write objects. All other variables are read-only.
  8. In the Hosts IP Address / Netmask, type the IP address of the host and its subnet mask. Also select the trap version as selected above. Source interface is optional.
    Note: The Netmask for the Host IP will always be /32 by default.

  9. Click Add.
    All the three hosts can be similarly added. The following image illustrates all of the hosts being added:
  10. From the SNMP page, click New Community.

  11. In the Community Name text box, type a Community Name.

  12. From Permissions, select Write, Trap, and Including Traffic Alarms.
  13. In the Hosts IP Address / Netmask, type the IP address of the host and its subnet mask. Also, select the trap version as selected above. Source interface is optional:

  14. Click Add.
 

 

CLI

The CLI implementation for the above settings is as follows:
set snmp location "Chicago"
set snmp contact "Jack Davis"
set snmp name "CU-Netscreen"
set snmp port listen 161
set snmp port trap 162


set snmp community "Marketing" Read-Only Trap-on version v1
set snmp host "Marketing" 172.16.20.181/32  trap v1
set snmp host "Marketing" 172.16.20.245/32  trap v1
set snmp host "Marketing" 172.16.20.55/32  trap v1


set snmp community "Sales" Read-Write Trap-on traffic version v1
set snmp host "sales" 172.16.20.150/32 trap v1
Modification History:
2020-06-16: Removed the old WebUI snapshots and replaced with new WebUI snapshots.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search