Getting SNMP working on Ubuntu 18.04 can be a challenge. The reason is the default SNMP configuration file contains so many entries it’s totally overwhelming and additionally it might be configured to only listen on localhost. Finally if you don’t have UDP port 161 allowed on your firewall you will endless be going in circles.
In this article we will attempt to install SNMP on Ubuntu so that an external server can access your setup.
We’ll install the libraries, then do a backup and minimal configuration, and then start testing. Optionally we’ll check if there is a localhost restriction. I’ll leave the firewall checking to you or contact us if you require additional assistance.
SNMP library to install
sudo apt-get install snmpd
The default snmp file provided with Ubuntu needs a higher grade in computer science to understand. So what we’ll do is first back it up for when you have 2 years of free time to study hieroglyphics.
# cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.backup
Now you can edit the file using your favourite text editor, e.g.
vi /etc/snmp/snmpd.conf and remove all the junk.
Here is an example of a config that works.
Note: You have to enable
161 on your firewall if you’re monitoring your server from the outside.
If you’re using a system such as PRTG to monitor your servers, try the following settings:
# cat /etc/snmp/snmpd.conf com2sec readonly your_secret_community syslocation "Server Location" syscontact Firstname Lastname sysservices 76 master yes agentaddress udp:161 rocommunity your_secret_community
Once you’ve save the
snmpd.conf file, restart the
service snmpd restart
You can use snmpwalk to test SNMP, provided it’s installed. Install this utility by doing this:
apt install snmp
Then do: snmpwalk -c your_secret_community -v1 localhost from the localhost or remote host to test. First try
localhost then try the IP address of your server. Ideally you also want to perform this test from your NMS to the remote host.
/etc/default/snmpd for localhost restriction
You may have to check the following line to see if your SNMP is not locked to localhost:
# cat /etc/default/snmpd SNMPDOPTS='-Lsd -Lf /dev/null -u Debian-snmp -g Debian-snmp -I -smux,mteTrigger,mteTriggerConf -p /run/snmpd.pid'
If you see
127.0.0.1 but you’re trying to connect SNMP from a remote system, remove the