How To – Query Cisco routers using SNMP

Earlier today I released a new application I’ve been working on for the past month or two, Cisco Device Info. It allows you to quickly query a Cisco device (providing you have SNMP access) and view information such as interface status, throughput, IPSec status etc. It came about because we were looking for something at work for our helpdesk staff to use and couldn’t find anything suitable.

Enabling SNMP access on routers is simple, just follow the below instructions.

Enabling SNMP Version 2

Enabling version 2 is possible with a single command. It can optionally be restricted further with a standard
access list. To enable SNMP access with a read-only community string named “CiscoRocks” the following
command should be run in the global configuration mode (conf t);

snmp-server community CiscoRocks RO

Enabling SNMP Version 3

Enabling version 3 requires four commands to be run in the global configuration mode (conf t).

snmp-server group  <Group Name> v3 auth read  <Read-Only View name> write  <Read-Write View Name>
snmp-server view <Read-Only View Name> iso included
snmp-server view  <Read-Write View Name> iso included
snmp-server user cdi  <Group Name> v3 auth  <Auth Type>  <Auth Passphrase> priv  <Priv Type> <Priv Passphrase>

For example if it was decided that SNMPv3 using MD5 and AES-128bit should be enabled, the commands may
look like the following:

snmp-server group V3GROUP v3 auth read V3READ write V3WRITE
snmp-server view V3READ iso included
snmp-server view V3WRITE iso included
snmp-server user cdi V3GROUP v3 auth md5 CiscoRocks priv aes 128 CiscoRocks

If you’d like to find out more you can read more about Cisco Device Info here

Published by

Dave Hope

Dave is a Principal Software Analyst for a UK based retirement developer, in his spare time he enjoys digital photography and rock climbing.

Leave a Reply

Your email address will not be published. Required fields are marked *