Ultimate Management Server Lab 1
Previous Next
Download Lab: GNS3
Learn how to use snmpwalk to verify you SNMP configuration on the cisco router
Prerequisites:
Cisco IOSv (vios-adventerprisek9-m.vmdk.SPA.156-2.T)
Image from the dockerhub: roxron/rus_tem:mgmt_srv
Introduction:
A lot of networking students are struggling with networking tools available in the marketplace, despite that there are many choices of docker containers in the appliances section still as CCNP student I have to waste a lot of my time to verify SNMPv3 configuration on the router, for example. The lack of explanation attached to the containers is a big issue for me. I did not understand how to use AAA server until I watched youtube videos made by David Bombal which clearly explains all aspects. Later I needed more tools but lack of containers led me to the experiments with GNS3 VM and how to link it to my VM instances running on the VMware Hypervisor, which was quite a success but it still requires more time on the things that are not helpful for certification study. The dockerhub is a perfect system to share containers without waiting on someone to upload new stuff to the marketplace. I might gonna make lab explaining how to create your own appliance using docker but for now, I hope that this lab will help a lot of people to save time while preparing for Cisco certifications.
About the container:
Build on the centos image, is in the Beta state since it constantly gets updated, for now, it supports FTP, SFTP, SCP, TFTP, SNMP protocols for managing networking devices.
Users: ftpuser, gns3
Password: gns3
/home/ftpuser is where all files go when you use listed protocols above.
Lab objectives:
First, you will import container into the GNS3, then configure SNMPv3 on the router and verify this configuration with snmpwalk.
Lab procedure:
Step1: Install Management Server.
In the GNS3, go to preferences and select Docker Containers:
Click on the New button and chose New image:
Copy image name from prerequisites section and paste into the Image name:
Click Next> button and give the name to the container MGMT_SERVER or choice your own.
Click Next> button and choose a number of network adapters but better leave the default of one.
Click Next> button, leave the default parameters for Start command.
Click Next> button again, leave the default setting for Console type.
Click Next> button.
Click the Finish button to complete.
Apply and press OK button.
Start new project then drag MGMT_SERVER to the working space it will begin to pull image from the dockerhub.
Now that container is installed you can download lab and proceed with SNMPv3 configuration.
Step2: Configure SNMPv3 on the router.
Open terminal of the router R1, then in the global configuration mode type these commands:
R1(config)#access-list 50 permit 192.168.0.0 0.0.0.255
R1(config)#snmp-server view ALL_VIEW iso included
R1(config)#snmp-server group SNMP v3 priv read ALL_VIEW access 50
R1(config)#snmp-server user CISCO SNMP v3 auth md5 cisco12345 priv des cisco12345
R1(config)#snmp-server host 192.168.0.2 version 3 priv CISCO
R1(config)#snmp-server ifindex persist
Verify SNMPv3 with these commands:
R1# show access-list
R1# show snmp view
R1# show snmp group
R1# show snmp user
R1# show snmp host
Verify access to the SNMP management station.
R1# ping 192.168.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.2, timeout is 2 seconds:
.!!!!
Step3: Using snmpwalk generate SNMP request to the router R1.
From the terminal of Management Server using these credentials: "ftpuser/gns3" type this command to pull information.
[ftpuser@MGMT_SERVER-1 ~]$ snmpwalk -v3 -u CISCO -l authPriv -a MD5 -A cisco12345 -x DES -X cisco12345 192.168.0.11
Sample of output that supposes to be generated:
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2016 by Cisco Systems, Inc.
Compiled Tue 22-Mar-16 16:19 by prod_rel_team
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.1041
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1348008) 3:44:40.08
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: R1
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 78
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-SMI::enterprises.9.7.129
SNMPv2-MIB::sysORID.2 = OID: SNMPv2-SMI::enterprises.9.7.115
SNMPv2-MIB::sysORID.3 = OID: SNMPv2-SMI::enterprises.9.7.265
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-SMI::enterprises.9.7.112
SNMPv2-MIB::sysORID.5 = OID: SNMPv2-SMI::enterprises.9.7.106
SNMPv2-MIB::sysORID.6 = OID: SNMPv2-SMI::enterprises.9.7.47
SNMPv2-MIB::sysORID.7 = OID: SNMPv2-SMI::enterprises.9.7.122
SNMPv2-MIB::sysORID.8 = OID: SNMPv2-SMI::enterprises.9.7.37
SNMPv2-MIB::sysORID.9 = OID: SNMPv2-SMI::enterprises.9.7.92
SNMPv2-MIB::sysORID.10 = OID: SNMPv2-SMI::enterprises.9.7.53
SNMPv2-MIB::sysORID.11 = OID: SNMPv2-SMI::enterprises.9.7.54
On the Router R1 verify ACL 50, match numbers in parenthesis suppose to increment drastically, indicating that you configured feature properly.
R1#show access-lists
Standard IP access list 50
10 permit 192.168.0.0, wildcard bits 0.0.0.255 (2254 matches)
Conclusion:
Snmpwalk simple tool that gives you a sense of confirmation that your SNMP implementation effort has succeeded. You can use the skills you learned in this lab, in any future GNS3 project related to network management. This could be part of out-of-band network design or possibly anything else you could think of.
Download Lab: GNS3
Learn how to use snmpwalk to verify you SNMP configuration on the cisco router
Prerequisites:
Cisco IOSv (vios-adventerprisek9-m.vmdk.SPA.156-2.T)
Image from the dockerhub: roxron/rus_tem:mgmt_srv
Introduction:
A lot of networking students are struggling with networking tools available in the marketplace, despite that there are many choices of docker containers in the appliances section still as CCNP student I have to waste a lot of my time to verify SNMPv3 configuration on the router, for example. The lack of explanation attached to the containers is a big issue for me. I did not understand how to use AAA server until I watched youtube videos made by David Bombal which clearly explains all aspects. Later I needed more tools but lack of containers led me to the experiments with GNS3 VM and how to link it to my VM instances running on the VMware Hypervisor, which was quite a success but it still requires more time on the things that are not helpful for certification study. The dockerhub is a perfect system to share containers without waiting on someone to upload new stuff to the marketplace. I might gonna make lab explaining how to create your own appliance using docker but for now, I hope that this lab will help a lot of people to save time while preparing for Cisco certifications.
About the container:
Build on the centos image, is in the Beta state since it constantly gets updated, for now, it supports FTP, SFTP, SCP, TFTP, SNMP protocols for managing networking devices.
Users: ftpuser, gns3
Password: gns3
/home/ftpuser is where all files go when you use listed protocols above.
Lab objectives:
First, you will import container into the GNS3, then configure SNMPv3 on the router and verify this configuration with snmpwalk.
Lab procedure:
Step1: Install Management Server.
In the GNS3, go to preferences and select Docker Containers:
Click on the New button and chose New image:
Copy image name from prerequisites section and paste into the Image name:
Click Next> button and give the name to the container MGMT_SERVER or choice your own.
Click Next> button and choose a number of network adapters but better leave the default of one.
Click Next> button, leave the default parameters for Start command.
Click Next> button again, leave the default setting for Console type.
Click Next> button.
Click the Finish button to complete.
Apply and press OK button.
Start new project then drag MGMT_SERVER to the working space it will begin to pull image from the dockerhub.
Now that container is installed you can download lab and proceed with SNMPv3 configuration.
Step2: Configure SNMPv3 on the router.
Open terminal of the router R1, then in the global configuration mode type these commands:
R1(config)#access-list 50 permit 192.168.0.0 0.0.0.255
R1(config)#snmp-server view ALL_VIEW iso included
R1(config)#snmp-server group SNMP v3 priv read ALL_VIEW access 50
R1(config)#snmp-server user CISCO SNMP v3 auth md5 cisco12345 priv des cisco12345
R1(config)#snmp-server host 192.168.0.2 version 3 priv CISCO
R1(config)#snmp-server ifindex persist
Verify SNMPv3 with these commands:
R1# show access-list
R1# show snmp view
R1# show snmp group
R1# show snmp user
R1# show snmp host
Verify access to the SNMP management station.
R1# ping 192.168.0.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.2, timeout is 2 seconds:
.!!!!
Step3: Using snmpwalk generate SNMP request to the router R1.
From the terminal of Management Server using these credentials: "ftpuser/gns3" type this command to pull information.
[ftpuser@MGMT_SERVER-1 ~]$ snmpwalk -v3 -u CISCO -l authPriv -a MD5 -A cisco12345 -x DES -X cisco12345 192.168.0.11
Sample of output that supposes to be generated:
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2016 by Cisco Systems, Inc.
Compiled Tue 22-Mar-16 16:19 by prod_rel_team
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.1041
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1348008) 3:44:40.08
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING: R1
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 78
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-SMI::enterprises.9.7.129
SNMPv2-MIB::sysORID.2 = OID: SNMPv2-SMI::enterprises.9.7.115
SNMPv2-MIB::sysORID.3 = OID: SNMPv2-SMI::enterprises.9.7.265
SNMPv2-MIB::sysORID.4 = OID: SNMPv2-SMI::enterprises.9.7.112
SNMPv2-MIB::sysORID.5 = OID: SNMPv2-SMI::enterprises.9.7.106
SNMPv2-MIB::sysORID.6 = OID: SNMPv2-SMI::enterprises.9.7.47
SNMPv2-MIB::sysORID.7 = OID: SNMPv2-SMI::enterprises.9.7.122
SNMPv2-MIB::sysORID.8 = OID: SNMPv2-SMI::enterprises.9.7.37
SNMPv2-MIB::sysORID.9 = OID: SNMPv2-SMI::enterprises.9.7.92
SNMPv2-MIB::sysORID.10 = OID: SNMPv2-SMI::enterprises.9.7.53
SNMPv2-MIB::sysORID.11 = OID: SNMPv2-SMI::enterprises.9.7.54
On the Router R1 verify ACL 50, match numbers in parenthesis suppose to increment drastically, indicating that you configured feature properly.
R1#show access-lists
Standard IP access list 50
10 permit 192.168.0.0, wildcard bits 0.0.0.255 (2254 matches)
Conclusion:
Snmpwalk simple tool that gives you a sense of confirmation that your SNMP implementation effort has succeeded. You can use the skills you learned in this lab, in any future GNS3 project related to network management. This could be part of out-of-band network design or possibly anything else you could think of.
Comments
Post a Comment