SNMP Service is Pre-installed with VMWare System. all we need to just configure it and enable from GUI. First SSH or Telnet to your ESXi host with root user credentials. Once logged in, check the current SNMP configurations
[root@Host:~] esxcli system snmp get Authentication: Communities: Enable: true Engineid: 00000063000000a100000000 Hwsrc: indications Largestorage: true Loglevel: info Notraps: Port: 161 Privacy: Remoteusers: Syscontact: Syslocation: Targets: Users: V3targets:
These Steps will guide you to configure the snmp service
- Start the configuration by setting the community string(s)
esxcli system snmp set --communities
eg.
esxcli system snmp set --communities MY_SNMP_STRING
- Configure SNMP Port
esxcli system snmp set --port 161
- Enable SNMP on the server
esxcli system snmp set --enable true
- Set syscontact
esxcli system snmp set --syscontact [email protected]
- Set Server Location:
esxcli system snmp set --syslocation DC-01
- Check SNMP firewall rules
[root@Host:~] esxcli network firewall get Default Action: DROP Enabled: true Loaded: true [root@Host:~] esxcli network firewall ruleset rule list | grep snmp snmp Inbound UDP Dst 161 161 [root@Host:~] esxcli network firewall ruleset rule list | grep snmp snmp Inbound UDP Dst 161 161
- To allow from any source IP:
esxcli network firewall ruleset set --ruleset-id snmp --allowed-all true
- If you would like to limit access to SNMP from the trusted subnets or IP addresses only, set it as below:
# esxcli network firewall ruleset allowedip add --ruleset-id snmp \ --ip-address 192.168.3.10 # esxcli network firewall ruleset allowedip add --ruleset-id snmp \ --ip-address 192.168.1.0/24 # esxcli network firewall ruleset set --ruleset-id snmp --enabled true
To test that the snmpd service is working fine, use the snmpwalk command from another Host.
$ snmpwalk -v 1 -c <SNMP-COMMUNITY-STRING> <ESXi-host-ip>