Problem monitoring edge router through firewall

[agpol07]

Hi,
I am trying to monitor an edge router (Cisco ASR1001-X), that is after the firewall, but i get an error saying

No ports were detected on the switch. Possible reasons for this include:
The switch is currently down
The switch does not exist at the address you specified
SNMP support on the switch is disabled

If you keep experiencing problems with the switch wizard scan, login to the Nagios XI server as the root user and execute the following command:

Code: Select all

/usr/bin/cfgmaker --show-op-down --noreversedns --zero-speed '100000000' '[email protected]:161::::2'

This command gives me the following result:

[root@nagios /]# /usr/bin/cfgmaker --show-op-down --noreversedns --zero-speed '100000000' '[email protected]:161::::2'
--base: Get Device Info on [email protected]:161::::2
SNMP Error:
no response received
SNMPv2c_Session (remote host: "195.xxx.xxx.xxx" [195.xxx.xxx.xxx].161)
community: "public"
request ID: 1279053911
PDU bufsize: 8000 bytes
timeout: 2s
retries: 5
backoff: 1)
at /usr/bin/../lib/mrtg2/SNMP_util.pm line 651
SNMPWALK Problem for 1.3.6.1.2.1.1 on [email protected]:161::::2:v4only
at /usr/bin/cfgmaker line 951
WARNING: Skipping [email protected]:161::::2 as no info could be retrieved

Use of uninitialized value $comment_sysdescr in substitution (s///) at /usr/bin/cfgmaker line 379.
Use of uninitialized value $sysname in concatenation (.) or string at /usr/bin/cfgmaker line 412.
Use of uninitialized value $comment_sysdescr in concatenation (.) or string at /usr/bin/cfgmaker line 412.
Use of uninitialized value $syscontact in concatenation (.) or string at /usr/bin/cfgmaker line 412.
Use of uninitialized value $syslocation in concatenation (.) or string at /usr/bin/cfgmaker line 412.
# Created by
# /usr/bin/cfgmaker --show-op-down --noreversedns --zero-speed 100000000 [email protected]:161::::2


### Global Config Options

# for UNIX
# WorkDir: /home/http/mrtg

# or for NT
# WorkDir: c:\mrtgdata

### Global Defaults

# to get bits instead of bytes and graphs growing to the right
# Options[_]: growright, bits

EnableIPv6: no

######################################################################
# System:
# Description:
# Contact:
# Location:
######################################################################

Could someone help me?

[scottwilkerson]

Are you sure SNMPv2 is enables for this router and the community string is "public"?

Can this router be reached from the Nagios XI server?

Is the firewall blocking port 161?

[agpol07]

Are you sure SNMPv2 is enables for this router and the community string is "public"?

Can this router be reached from the Nagios XI server?

Is the firewall blocking port 161?

Yes.
Yes.
No, 161 and 162 are open..

[scottwilkerson]

Can you run the following from your Nagios XI server CLI to confirm you can get a a SNMP response from this server

Code: Select all

snmpwalk -v2c -c 'public' 195.xxx.xxx.xxx

[agpol07]

Timeout: No Response from 195.xxx.xxx.xxx

[scottwilkerson]

Timeout: No Response from 195.xxx.xxx.xxx

So this is indicating either your network isn't allowing the traffic, or the router is not responding to SNMP requests with that community string.