Cisco Prime Infrastructure 2.0 not pulling any SNMP data

Good evening,

I have setup Cisco Prime Infrastructure 2.0 and, though I have added manually my 4 network cores as devices without any problem, I can't get a single trap or a single SNMP information to be pushed into my Cisco Prime Infra.

Here is my SNMP config on my core :

snmp-server user *edited* *edited* v3
snmp-server  group *edited* v3 noauth notify *tv.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF0F
snmp-server community *edited* RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps flowmon
snmp-server enable traps transceiver all
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps rf
snmp-server enable traps memory
snmp-server enable traps cpu_threshold
snmp-server enable traps eigrp
snmp-server enable traps ospf state-change
snmp-server enable traps ospf errors
snmp-server enable traps ospf retransmit
snmp-server enable traps ospf lsa
snmp-server enable traps ospf cisco-specific state-change nssa-trans-change
snmp-server enable traps ospf cisco-specific state-change shamlink interface
snmp-server enable traps ospf cisco-specific state-change shamlink neighbor
snmp-server enable traps ospf cisco-specific errors
snmp-server enable traps ospf cisco-specific retransmit
snmp-server enable traps ospf cisco-specific lsa
snmp-server enable traps flex-links status
snmp-server enable traps fru-ctrl
snmp-server enable traps entity
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps ether-oam
snmp-server enable traps aaa_server
snmp-server enable traps flash insertion removal
snmp-server enable traps l2tc threshold sys-threshold
snmp-server enable traps power-ethernet police
snmp-server enable traps rep
snmp-server enable traps vswitch dual-active vsl
snmp-server enable traps udld link-fail-rpt status-change
snmp-server enable traps vtp
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps auth-framework sec-violation
snmp-server enable traps dot1x auth-fail-vlan guest-vlan no-auth-fail-vlan no-guest-vlan
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps entity-diag boot-up-fail hm-test-recover hm-thresh-reached scheduled-test-fail
snmp-server enable traps port-security
snmp-server enable traps ethernet evc status create delete
snmp-server enable traps energywise
snmp-server enable traps ipsla
snmp-server enable traps vstack
snmp-server enable traps bfd
snmp-server enable traps bgp
snmp-server enable traps bulkstat collection transfer
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps event-manager
snmp-server enable traps hsrp
snmp-server enable traps ipmulticast
snmp-server enable traps isis
snmp-server enable traps msdp
snmp-server enable traps pim neighbor-change rp-mapping-change invalid-pim-message
snmp-server enable traps bridge newroot topologychange
snmp-server enable traps stpx inconsistency root-inconsistency loop-inconsistency
snmp-server enable traps syslog
snmp-server enable traps isakmp policy add
snmp-server enable traps isakmp policy delete
snmp-server enable traps isakmp tunnel start
snmp-server enable traps isakmp tunnel stop
snmp-server enable traps ipsec cryptomap add
snmp-server enable traps ipsec cryptomap delete
snmp-server enable traps ipsec cryptomap attach
snmp-server enable traps ipsec cryptomap detach
snmp-server enable traps ipsec tunnel start
snmp-server enable traps ipsec tunnel stop
snmp-server enable traps ipsec too-many-sas
snmp-server enable traps errdisable
snmp-server enable traps ethernet cfm alarm
snmp-server enable traps vlan-membership
snmp-server enable traps mac-notification change move threshold
snmp-server enable traps vrfmib vrf-up vrf-down vnet-trunk-up vnet-trunk-down
snmp-server host *ip-address-edited* version 3 noauth *edited*

Basically all traps are enabled but absolutely nothing is showing up in my Prime Infra except that my 4 devices are "Reachable".

Here is a show snmp on the same device :

sh snmp

Chassis: *S/N Edited*
38554534 SNMP packets input
    0 Bad SNMP version errors
    14 Unknown community name
    0 Illegal operation for community name supplied
    0 Encoding errors

38453185 Number of requested variables

0 Number of altered variables

17790703 Get-request PDUs

20583581 Get-next PDUs

0 Set-request PDUs

0 Input queue packet drops (Maximum queue size 1000)

38490708 SNMP packets output

0 Too big errors (Maximum packet size 1500)

0 No such name errors

0 Bad values errors

0 General errors

38371069 Response PDUs

13 Trap PDUs

SNMP global trap: enabled

SNMP agent enabled



SNMP logging: enabled

Logging to *edited*, 0/10, 13 sent, 0 dropped.

Can anyone point out what is wrong or missing in my configuration? I can't seem to single it out myself.

Thanks

Jeremy

Best Answer

In the "show snmp" traps are being generated, 13 of them, and you have snmp-server enable traps syslog set.

Few things you can do is add a logging ip address if one doesn't already exist or an additional address and throw up a simple syslog server and do a few things to generate traps like conf t or add a vlan and delete a vlan as you have these set to trap. If you don't to use vlans then add a loopback and shut/no shut it a few times.

Appears you are dealing with these remotely. I always open two sessions to the box. Session one, I execute "no debug all" then arrow up then switch to the other session and do term mon and then debug snmp packet. The first session is a failsafe so I can turn off debugging with hitting return if for some reason debug is taxing the box. School of remote access hard knocks.

While debug is running do conf t and exit a few times and/or add delete vlans and you will see the traps being generated and if they are pointing to the desired ip.

Should see something similar to these below.

6506E#term mon
6506E#debug snmp packet
SNMP packet debugging is on

6506E#sh run
Building configuration...
...
6506E#
19:24:18: SNMP: Queuing packet to 10.198.28.80
19:24:18: SNMP: V3 Trap, reqid 2, errstat 0, erridx 0
sysUpTime.0 = 6981747
snmpTrapOID.0 = ciscoConfigManMIB.2.0.1
ccmHistoryEventEntry.3.100 = 1 

!--- 1 -> commandLine. Executed via CLI.

ccmHistoryEventEntry.4.100 = 3 

!--- 3 -> running

ccmHistoryEventEntry.5.100 = 2 

!--- 2 -> commandSource. Show command was executed.

6506E#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
6506E(config)#exit

22:57:37: SNMP: Queuing packet to 10.198.28.80
22:57:37: SNMP: V3 Trap, reqid 2, errstat 0, erridx 0
 sysUpTime.0 = 8261709
 snmpTrapOID.0 = ciscoConfigManMIB.2.0.1
 ccmHistoryEventEntry.3.108 = 1

In our shop we only use PI for wireless management controllers and users, not switches. Third party and open source for switches. We have logging for all available traps to dual syslog servers for compliance and redundancy so I understand your frustration when traps aren't working as expected.

Also if you aren't are the latest patches in the 2.0 train I would highly recommend it. 2.0 is not the most stable from our experience until the patches are added. fwiw

Best Answer

Related Solutions

Cisco Prime NCS not starting

Cisco Prime Infrastructure 2.0 : IP Type – Not Detected

Related Topic