Configuring F5 BIG IP LTM for SNMP

What IP address does the NMS need to point to? Management or Interface IP?both will work. anyway, if you use selfip, please make sure port lockdown allows NMS service port.

 

 

Then what will be an OID? I dont have any idea about thisyou can leave it blank. it will allow all OID.

Hi nitass,

 

 

Thanks a lot for the reply. But i can't do the v2c SNMP config as it is asking for the OID. The LTM doesnt accepts blank OID and so i need to enter a value there. Do you have any idea of the F5 default OID's?Such as to poll system default events like cpu high, power supply bad, etc? Please help me as i dont have much expertise on F5 SNMP config...

specify .1 as the oid and you'll be fine.

thanks Jason!

Dathan, where was it? was it at system > snmpd > agent > access (v1,v2c)?

mine is 10.2.3 and i am able to add community without putting OID.

root@ve1023(Active)(tmos) list sys snmp communities
sys snmp {
    communities none
}

root@ve1023(Active)(tmos) modify sys snmp communities add { test1 { community-name public1 } }

root@ve1023(Active)(tmos) list sys snmp communities
sys snmp {
    communities {
        test1 {
            community-name public1
        }
    }
}

The oid is the base of the oid tree that the community string/host will have access to. I have a sneaking suspicion some versions insist on you specifying the oid accessible, and some will assume if you dont specify an explicit oid that you mean .1 (i.e evything)

 

 

H

Thanks Jason, nitass and Hamish..

 

 

@jason.. i have tried adding the OID as .1.3.6.1.4.1.3375.2 and the LTM accepted it. but when i tried to run a snmpwalk from the clients added to the LTM (Under Client Allow List),i was not getting any response. But at the same time when i tried snmpwalk with the default community "public" which is already in F5, i was getting the reply. It was quite strange that LTM was not accepting the new community and the OID.

 

 

@nitass... The version that i am using is 9.4.7 and it doesn accept to add the community without an OID. What i have done is i have openned the MIB's using a MIB browser and noted down all the OID's. Then i have identified the parent OID among them and added that to F5. LTM accepted the configuration but the snmpwalk didnt worked.

 

 

@Hamish..I havent tried the OID with .1 but i suspect it also doesnt work on my version 9.4.7.

Something doesnt sound right there... Although its been a while since i ran v9 the snmp hasnt changed a lot

 

 

If you take a look at the snmp config file it should say what has been put in it. And u can enable debugging too which can be quite useful

 

 

Are there any erorrs in the logging that snmpd does by default?

 

 

H

Hi Hamish,

 

 

I cant enable debugging as it is in production network. also i didnt got any errors when i have configured the snmp agent and traps with the new community. I am attaching the snmpd.conf file for your reference.

 

 

Thanks a lot for all of your efforts and replies.

 

 

Regards

 

Dathan

 

Hi....

 

 

Anyone got any updates..???

 

 

Thanks

We have LTM 9.4.8 and use Solarwinds Orion for monitoring. We downloaded F5 LTM MIBs into Orion and added the LTM as a managed node with the default community string. Then on LTM we added the IP address of Orion under the 'ALlow Clients List" (System -> SNMP-> AGent -> Configuration). Our snmpd.conf file is similar to yours. See attached. I've removed identifable information but the settings are clear.

 

 

Hope this helps.