Step 7: SNMP Monitoring

SNMP is used to monitor the remote office from an external location.

Configure SNMP Server

Configure and enable the SNMP server on TNSR, as shown in the example below:

snmp community community-name P1zzaGuy source 198.51.100.0/24 security-name tnsrsnmp
snmp group group-name ROGroup security-name tnsrsnmp security-model v2c
snmp view view-name systemview view-type included oid .1
snmp access group-name ROGroup prefix exact model any level noauth read systemview write none
#
snmp host enable

Enable Port Forward to SNMP

If needed, setup static mapping from an external UDP port to the SNMP port on TNSR:

nat static mapping udp local 192.168.0.53 161 external WAN 161

Permit SNMP Polling with ACL

To permit access to the SNMP server from the WAN, create an ACL rule named snmp-WAN and apply it:

acl snmp-WAN
  rule 11
    desc Permit to SNMP
    action permit
    ip-version ipv4
    protocol udp
    source address 198.51.100.0/24
    destination port 161
    exit
  exit
#
# Apply ACL to interface Access-List
interface WAN
  access-list input acl snmp-WAN sequence 102
  exit