Author Archive for Scott Wilkerson

Enabling SNMP on Cisco Router – Cisco Devices

SNMP – Enabling SNMP on Cisco Router


We’ve had a lot of questions about configuring SNMP on Cisco devices, mainly routers and switches. In this article we give the steps to configure SNMP on Cisco routers (and Catalyst switches).

Note: We’ve tested these commands in our lab but if you have any additional questions on what may be required for your environment, please reach out to your network administrator and/or Cisco to verify that they will work with your specific devices.

1. SSH or Telnet into your router/switch:

* We recommend enabling SSH and disabling Telnet wherever possible: Telnet is an insecure protocol that sends everything you enter (including usernames and passwords) across your network as plaintext.

If you’re connecting from Linux
-------------------------------
ssh user@X.X.X.X

OR

telnet X.X.X.X

If you’re connecting from Windows
---------------------------------
You can connect with PuTTY or another SSH/Telnet client. Just type in the router/switch IP address and select the SSH or Telnet protocol when connecting.

2. Enter enable mode:
enable

3. Enter configuration mode:
configure terminal

4. Set up a read-only SNMP community on the device so that you can monitor it with Nagios:
snmp-server community YOURCOMMUNITY ro

* We recommend a complex SNMP community string (uppercase and lowercase letters plus digits), but avoid special characters because not all software handles them.

5. Exit configuration mode and save the changes you’ve made:
exit
write memory

Here are the configuration commands (simplified):

MYROUTER>enable
Password:
MYROUTER#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
MYROUTER(config)#snmp-server community YOURCOMMUNITY ro
MYROUTER(config)#exit
*Mar  1 00:14:40.987: %SYS-5-CONFIG_I: Configured from console by console
MYROUTER#write memory
Building configuration...
[OK]
MYROUTER#exit

Configuring SNMP Traps


SNMP traps are a great way of getting alerted by a device in near real time. When you set up SNMP traps on a compatible device and it detects an error (or another condition you’ve configured as a trap), the device immediately sends a trap through SNMP to your Nagios server so that you can act on it according to your Nagios configuration.

Here is the process for setting up SNMP traps on your Cisco devices:

1. SSH or telnet into your router/switch.
ssh user@X.X.X.X

* We recommend enabling SSH and disabling telnet wherever possible because telnet will send all the information you enter (including usernames and passwords) as plaintext across your network.

OR

telnet X.X.X.X

2. Enter enable mode:
enable

3. Enter configuration mode:
configure terminal

4. Set up your Nagios server as the trap target:
snmp-server host NAGIOSIPADDRESS version 2c YOURCOMMUNITY

5. Set up the types of SNMP traps that you want to send:
You can enable all SNMP traps with this command:

snmp-server enable traps

or you can enable individual traps with the command template:

snmp-server enable traps [notification-type [notification-options]]

As an example, to set up SNMP traps for OSPF errors you would run this command:

snmp-server enable traps ospf errors

6. Exit configuration mode and save the changes you’ve made:
exit
write memory

Here are the configuration commands (simplified):

MYROUTER>enable
Password:
MYROUTER#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
MYROUTER(config)#snmp-server host NAGIOSIPADDRESS version 2c YOURCOMMUNITY
MYROUTER(config)#snmp-server enable traps
MYROUTER(config)#exit
*Mar  1 00:14:40.987: %SYS-5-CONFIG_I: Configured from console by console
MYROUTER#write memory
Building configuration...
[OK]
MYROUTER#exit

You can read more about setting up SNMP traps with Nagios XI here.

https://assets.nagios.com/downloads/nagiosxi/docs/Integrating_SNMP_Traps_With_Nagios_XI.pdf
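
The community from step 4 of the first procedure and the trap target from step 4 above both use SNMP v2c, where the community string crosses the network unencrypted and any host that learns it can poll the device. The configuration below is an added example, not part of the original article: it restricts the v2c community to the Nagios server with a standard ACL and shows an SNMPv3 authPriv alternative. ACL number 10, NAGIOSGROUP, NAGIOSUSER, AUTHPASSPHRASE and PRIVPASSPHRASE are placeholders chosen here, and the aes option assumes an IOS image with crypto support.

```cisco
! Added example (not from the original article).
! Placeholders: NAGIOSIPADDRESS, YOURCOMMUNITY, ACL 10, NAGIOSGROUP,
! NAGIOSUSER, AUTHPASSPHRASE, PRIVPASSPHRASE.

! As configured in the article: any source address that presents the
! community string is answered.
! snmp-server community YOURCOMMUNITY ro

! Same v2c setup, but polling is accepted from the Nagios server only.
access-list 10 remark SNMP polling allowed from Nagios only
access-list 10 permit host NAGIOSIPADDRESS
access-list 10 deny any log
snmp-server community YOURCOMMUNITY ro 10
snmp-server host NAGIOSIPADDRESS version 2c YOURCOMMUNITY

! SNMPv3 alternative: requests and traps are authenticated (SHA) and
! encrypted (AES-128); the group is bound to the same ACL.
snmp-server group NAGIOSGROUP v3 priv access 10
snmp-server user NAGIOSUSER NAGIOSGROUP v3 auth sha AUTHPASSPHRASE priv aes 128 PRIVPASSPHRASE
snmp-server host NAGIOSIPADDRESS version 3 priv NAGIOSUSER
snmp-server enable traps ospf errors

! Once v3 polling works from Nagios, retire the cleartext community:
! no snmp-server community YOURCOMMUNITY
```

Check the result with show snmp community, show snmp user and show access-lists 10. SNMPv3 users are not listed in the running configuration, so show snmp user is where to confirm them.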

FREAK Vulnerability Tester

With yesterday’s disclosure of the new SSL/TLS vulnerability dubbed FREAK, we at Nagios decided to assist the community with a quick and easy tester that helps determine whether a server is vulnerable to it (CVE-2015-0204).

If you are not familiar with the FREAK Vulnerability, here is a brief description from https://freakattack.com/ :

A connection is vulnerable if the server accepts RSA_EXPORT cipher suites and the client either offers an RSA_EXPORT suite or is using a version of OpenSSL that is vulnerable to CVE-2015-0204. Vulnerable clients include many Google and Apple devices (which use unpatched OpenSSL), a large number of embedded systems, and many other software products that use TLS behind the scenes without disabling the vulnerable cryptographic suites.

 

At Nagios, we take security vulnerabilities very seriously and, when possible, like to offer the ability to perform a quick check directly from our website.

Enter FREAK Vulnerability Tester (CVE-2015-0204)


Nagios Enterprises provides IT management solutions that monitor your network infrastructure, manage your network bandwidth, and can mitigate or even eliminate the effects of the FREAK Vulnerability as well as other security vulnerabilities.

For most servers that are found to be vulnerable, administrators should be able to update the OpenSSL package and then restart the affected services, such as httpd.

If your server is running RHEL or CentOS, the following commands will resolve the security vulnerability:

yum update openssl -y
service httpd restart

If you are already using Nagios Core or XI to monitor your infrastructure, this easy-to-use plugin can notify you if your system is susceptible to the FREAK vulnerability.

Download the check_freak Plugin

If you haven’t experienced the benefits of monitoring with Nagios, be sure to check out our products page.

Nagios Cloud Solutions Now Available in Frankfurt Amazon EC2 Region

The latest Nagios XI, Network Analyzer, and Log Server Amazon EC2 cloud images have been pushed out to the following additional location:

  • Europe (Frankfurt)

The Nagios cloud images are an excellent opportunity to leverage the capabilities of Nagios XI, Network Analyzer, and Log Server in your environment without the upfront expense of dedicated hardware, while maintaining the ability to upgrade your system with virtually zero downtime.


Nagios Log Server Available in Amazon EC2

We are pleased to announce that you can now easily launch your Nagios Log Server monitoring server in the Amazon Elastic Compute Cloud (EC2). We have clean CentOS 6 images with Nagios Log Server pre-installed available for public and customer use. This makes it extremely easy for Nagios Log Server administrators to start additional servers without the need to procure or invest in hardware. Additionally, those wishing to demo Nagios Log Server can easily do so using the cloud.

Nagios Log Server is a powerful enterprise-class log monitoring and management application that allows organizations to quickly and easily view, sort, and configure logs from any source on any given network. Log Server is designed to analyze, collect, and store log data based on custom specifications, and provide users with extended insight into the data on their network’s infrastructure.