2.5 KiB
2.5 KiB
lab01- Network Management
nmon1-charlotte
- setup with hostname, username, networking (10.0.5.11, remember: add
charlotte.localto search domain) - add record to DNS manager
I had trouble reaching the internet on nmon1, then realized fw01 couldn't reach the internet as well.
idk what happened but I rebooted fw01 and it worked again
enable SNMP services on pfSense
- web dashboard (10.0.5.2)
- services -> SNMP
- restart SNMP service
Install and Test SNMP Client on nmon01
sudo yum install net-snmp-utils
Install SNMPD (a SNMP Server) on web01
- set up web01 (10.0.5.12, you know the drill by now)
sudo yum install net-snmp-utils net-snmp- The default snmp configuration does not suit our purpose. Make a backup copy of /etc/snmp/snmpd.conf and create a new/blank version.
sudo cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.backup
- allow 161/udp through firewall
sudo firewall-cmd --add-port=161/udp --permanent`
sudo firewall-cmd --reload`
- enable/start snmpd
sudo systemctl enable snmpd
sudo systemctl start snmpd
install the SNMP Service Feature on AD01 using Server Manager on MGMT
install the SNMP-Tools Remote Administration Feature on MGM01
Enable Remote Management on AD01
Remote Computer Management does not work immediately for our remote AD01 Server due to firewall restrictions as seen in the error message.
You will need to fix this by invoking a remote PowerShell session with AD01 from mgmt01.
SNMP Service Security Properties on AD01
- Adjust the SNMP service properties on AD01 to add the SYS265 community string and limit queries to those from nmon01.
- Restart the SNMP Service on ad01
Capturing snmp packets nmon01->web01
- on web01:
tcpdump -i ens192 port 161 -c10 -AAA - on nom01:
snmpwalk -Os -c SYS265 -v2c web01-charlotte system