Troubleshooting SNMP Polling
Please refer to SNMP Polling and Traps section of NFO Administration Guide for details on configuring SNMP polling.
Please check whether you can see syslogs with nfc_id=20003 in the system that receives NFO output. If you do not see these records, please ensure that there is no firewall between NFO and your network devices that could potentially block SNMP traffic.
You can use
snmpwalk from the NFO machine to test connectivity and confirm that your network devices respond to SNMP polling.
If you don’t have net-snmp on NFO machine, please perform the following:
yum -y install net-snmp net-snmp-utils
Run snmpwalk to test
Example for SNMP v2c:
snmpwalk -v 2c -c public 10.0.0.1
public is a community string and 10.0.0.1 is your network device management IP.
This command will perform SNMP polling of all OIDs available at device 10.0.0.1
Example for SNMP v3:
snmpwalk -v3 -l authPriv -u snmp-poller -a SHA -A "PASSWORD1" -x AES -X "PASSWORD1" 10.10.60.50
For more information on SNMP command parameters, visit: https://linux.die.net/man/1/snmpcmd
Capturing Packets (PCAP)
To analyze SNMP polling requests and replies, you might need to capture traffic packets using the
If you need to send a PCAP file to NetFlow Logic Support for analysis, please follow these steps:
- Set the v3 password on the device to '12345678' before capturing SNMP polling.
- Create new Credentials in NFO with the password set to '12345678' for the device you intend to capture traffic from.
- Run the following command on the NFO machine (replace x.x.x.x with the device's IP address):
sudo tcpdump -i any host x.x.x.x and port 161 -s 0 -w nfo_snmp_traffic.pcap
- Allow the packet capture to run for at least 5 minutes before stopping it.
- After capturing, remember to change the v3 password back to the original password on both the device and in the NFO SNMP polling configuration.