SNMP-based Linux recognition and configuring/enabling the SNMP client

  • 10100611N
  • NOVL105316
  • 01-Mar-2006
  • 01-Mar-2006

Archived Content: This information is no longer maintained and is provided 'as is' for your convenience.

Goal

SNMP-based Linux recognition and configuring/enabling the SNMP client

Fact

Novell ZENworks Asset Management 7 - ZAM7 SP1

SNMP-based Linux recognition and configuring/enabling the SNMP client

Configuring the Firewall under Linux

Network Discovery of Novell Linux SLES, OES, NLD, and SUSE depends entirely upon SNMP.

Fix

 Depending upon the Linux platform and/or the version, the tools may be named slightly differently and/or the UI different.

Create an SNMP client configuration file (SNMPD.CONF

There’s a tool to do this, named SNMPCONF.

Start up a Terminal or Konsole session.

If you’re not already logged in as the Root user, do so now by typing: SU, then the root password when prompted.

Type: CD /usr/share/snmp to make snmp your working directory.

Type: SNMPCONF to start the SNMP configuration program.

It will list all *.conf files that it finds and ask you which one(s) you want to read in. Type none.

Next it will tell you that it knows how to create three types of files:

snmpd.conf

snmptrap.conf

snmp.conf.

Type 1 to create an snmpd.conf file.

Next you’ll be presented with a menu listing the 6 sections of the snmpd.conf file that it knows how to create.

First, select 1. Access Control Setup.

From the next menu select, 3. a SNMPv1/SNMPv2 read-only community access name.

At the question, The community name to add read-only access for:, enter public.

You’ll be asked two more questions … just hit Enter to accept the default.

Back at the Select Section prompt, select 4. a SNMPv1/SNMPv2 read-write community access name, enter private.

Again, hit Enter for the next two questions to accept the default.

Back at the Select Section prompt, type finished.

Now select 4. Agent Operating Mode .

From the next menu select, 1. Should the agent operate as a master agent or not.

At the question, Should the agent run as an AgentX master agent? enter agentx.

At the Select Section prompt, type finished.

At the Select Section prompt, select 1. The [typically physical] location of the system.<./P>

At the prompt, The location of the system:, type in something descriptive.

At the Select Section prompt, select 2. The contact information for the administrator.

At the prompt, The contact information:, enter your name.

At the Select Section prompt, select 3. The proper value for the sysServices object.

You’ll be asked 5 questions. Enter the number 0 for each one of them.

At the Select Section prompt, type finished.

At the Select Section prompt, type finished again.

At the Select File prompt, type quit.

If you get a warning An snmpd.conf file already exists in this directory. ‘overwrite’, ‘skip’, ‘renames’ or ‘append’? :, type overwrite.

Exit out of Terminal or Konsole.

Configure the Firewall.

SNMP uses UDP protocol, which uses port 161. If the Firewall is running, that port is not open by default. YaST offers a control to configure the Firewall.

Start Control Center also known as YaST. Typically you’ll find this under the System menu in the list of Applications.

If you’re not logged in as the Root user, you’ll be asked to provide the Root user password.

Click on Security and Users in the left window pane.

Click on Firewall in the right window pane.

Depending upon your installation of Linux, the UI will be different from here on. Newer Firewalls have a two-pane UI. The left pane will list Start-up, Interfaces, Allowed Services, Masquerading, Broadcast, Ipsec Support, and Logging Level. Click on Allowed Services, then in the lower right corner, click on the Advanced… button. An Additional Allowed Ports window will pop up. In the UDP Ports text box, enter 161. Click Ok to dismiss the dialog, then back at the main dialog click Next, then click on Accept.

Older firewalls will show a dialog titled Firewall Configuration (Step 1 of 4): Basic Settings. This UI does not provide a way to enable UDP communications on port 161, so you have. to manually edit the Firewall config file

Start a Terminal session.

If you’re not logged in the Root user, use the SU command to change to the Root user.

Type CD /etc/sysconfig.

Start the VI text editor by typing: VI SuSEfirewall2

Search for the UDP configuration line by typing: /FW_SERVICES_EXT_UDP

The line in the file will probably look like this: FW_SERVICES_EXT_UDP=""

Change the line to this: FW_SERVICES_EXT_UDP="161"

Type :w to write your changes to disk.

Type :q to quit the VI editor.

Now we’re going to start and stop the Firewall, so under YaST click on Security and Users in the left window pane.

Click on Firewall in the right window pane.

Click on the Reconfigure Firewall Settings radio button.

Keep clicking on the Next button until you get to the dialog, Save settings and activate firewall, then click on Continue.

The Firewall should be configured properly.

Enable and Start the SNMP Client.

Once the SNMP client configuration file is set and the Firewall allows UDP communications through port 161 we should be good to go. The only thing left is to enable and start the SNMP client.

Once again start the Control Center (YaST).

In the left pane, click on System.

In the right pane, click on Runlevel Editor (which is also sometimes named System Services).

Scroll down the list of services until you find SNMPD.

Select SNMPD then click on the Enable button.

If SNMPD was already running, select the SNMPD service, then click on the Expert Mode radio button at the top of the screen. We’re going to start and stop the service so it will apply the configuration file that we created.

Click on the Start/Stop/Refresh drop list at at the bottom of the window, then click on Stop now… then click on Start now…

The SNMP c.lient should now be ready to be interrogated by our Network Discovery task.

.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.