Just a small, helpful tidbit:

If you ever see the following in your tcpdump while resolving SNMP issues (when isn't SNMP having issues?):

ICMP host HOSTNAME unreachable - admin prohibited, length 76

It basically means that your iptables is blocking SNMP. This one has bit me on multiple occasions on boxes that were running iptables but should not have been. Either disable it or open up the port:

On RH-based distros:

for in 2 3 4 5; do sudo /sbin/chkconfig iptables --level $i off; done
sudo /etc/init.d/iptables stop


sudo /sbin/iptables -I Firewall-1-INPUT -p tcp -m state --state NEW -m udp --dport 161 -j ACCEPT
sudo /sbin/iptables-save

Of course, don't go disabling iptables, when you can simple open up the port :). I would also recommend using SNMPv3 whenever possible since it allows for encryption and authentications.




comments powered by Disqus