SNMP troubleshooting

No MD5 Authentication with FIPS Enabled Devices

When setting up SNMP authentication properties, MD5 as an authentication method will not work with FIPS enabled environments. You will need to select SHA1 authentication instead.

You will also need to restart the probe services after any FIPS related changes.

To troubleshoot SNMP monitoring that is misconfigured or otherwise non-functional, try the following steps:

  • Verify you have enabled SNMP on the hardware device with a "GET" /"READ ONLY" community string of 'public'. Some hardware will have multiple places to enable this.
  • Verify that the devices are able to accept SNMP requests from "ALL" sources rather than specific IP addresses.
  • Ensure you have enabled SNMP by clicking All Devices[Device Name]> SettingsMonitoring Options tab and the community string populated. This is case sensitive.
  • Make sure the appropriate device class is selected on the All Devices[Device Name]> Settings > Properties tab.
  • Re-discover the device by running a discovery with the SNMP string populated with the community string.
  • Re-apply the Service Templates that may include:
    • NETWORK for switches for Network Devices.
    • Network and CISCO ASA/PIX for Cisco Firewalls, SonicWall for SonicWalls etc for Routers/Firewalls.
    • Dell, IBM or Intel Server hardware monitoring.

If this does not pull the data you want, you may not have SNMP configured on the device correctly, or the probe cannot reach the device. Download an application such as the free MIB Browser from iReasoning. Install this software on the probe server, point it at the SNMP enabled network device by IP and choose to walk the device. It should show a collection of OIDs. If it does not, SNMP is not properly configured.

It's also possible that the device does not support much detail for SNMP. A search in Google for its "MIB" file or "OID" list may confirm this, as will other people's experience with trying to monitor it. Tier 1 devices such as Cisco or SonicWall, Procurve switches, and so on should work without issue.