SNMP not working?



  • Has anyone attempted to get SNMP working in the later snapshots?  I don't remember when it quit working, but it does not now.  I am on nanobsd 0807 I believe.

    I cannot get SNMP stats from either the public or private IP, regardless of string or setting.



  • Using the correct community?

    My nagios monitoring system is not complaining, so it must be working



  • I now have it working from the internal IP when i set it to bind to LAN interface.  But it won't work to the WAN interface.



  • On the wan interface you will need to add firewall rules to allow port 162 udp



  • Yep, did that.  I can't seem to get my Solarwinds app to pull it up.  It works for every other firewall I have out there.  The firewall rule is very generous.  I am allowing 161 and 162 TCP/UDP from anywhere to the WAN interface.


  • Rebel Alliance Developer Netgate

    I just turned on SNMP on a test box and accessed it just fine from the WAN side, even with Solarwinds apps.

    Did you by chance check the box to only bind to the LAN interface by mistake?

    This is a full install though. I'll have to track down a running nano system to try, in case it's specific to that.



  • I had it working fine on my 1.22 embedded.  I didn't jump on the nano until just now.  I've been using pfSense and m0n0wall for years, and SNMP monitoring always worked fine (after accounting for the FW rules of course).  Only now it doesn't.


  • Rebel Alliance Developer Netgate

    I'm writing out a new nano image for my ALIX right now, I'll give it a spin and let you know what I find.


  • Rebel Alliance Developer Netgate

    I just fired up a nanobsd image from Wednesday on my ALIX, enabled SNMP, and I was able to query it fine from the WAN side.

    Do you see the service running on Status > Services?

    Do you see any blocked packets in the Firewall Logs?



  • I see nothing out of the ordinary, but the logs don't seem to be working right either.  I already put this into production in another state, so I'm a little skittish about upgrading over the Internet.  I don't know if I should wait until the main release or not.


  • Rebel Alliance Developer Netgate

    Sounds like something may be a little off with the image you used.

    Unfortunately there have been some images that didn't behave quite as well as they should have due to various builder issues and the like, but overall it's been pretty reliable for me. I've got two ALIX boxes running nano in production with customers and they're working OK, but it's just simple NAT+IPsec+PPTP on them. Worked fine and passed my tests before they went out into the wild.

    I can understand being skittish about remote upgrades since nano is still being implemented, but it has worked for most people. Typically it doesn't leave a system unbootable, if the upgrade fails it shouldn't switch to the alternate slice, but depending on the date of your image it may not have all of the safety precautions.


Log in to reply