SNMP

After how woefully lacking in detail for the novice in OS 10 switches the Dell documentation is below is a little snippet that can be used to configure your switches with what appears to be enough permission for PRTG (or a similar SNMP monitoring system) to keep an eye on them.

After entering configuration mode a readonly view with a base OID is set (I’d be grateful for some feedback on this!), then a group (prtg) is created to contain the user and defines readonly permissions, finally a user (prtguser) is created, assigned to the group (prtg) and the relevant password and privacy encryption strings set.

configure
snmp-server view readonly 1.3.6.1.2.1 included
snmp-server group prtg 3 priv read readonly
snmp-server user prtguser prtg 3 auth sha LONGANDSTRONGAUTH priv aes LoNGANDSTRONGPRIV
exit
write memory

If you are looking to build out Zone Protection Profiles on your Palo Alto Networks Next Generation Firewall then it can be handy to know just what your connections per second metrics look over time for each zone. Quite lucky Palo Alto Networks have a little (although not entirely descript) guide on where you can get this data – https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/zone-protection-and-dos-protection/zone-defense/take-baseline-cps-measurements-for-setting-flood-thresholds/how-to-measure-cps.html.

With that information in hand it was just a matter of time before working out how to collect this data through PRTG so do follow on with the screenshot guide to find out how!

Handy strings:
1.3.6.1.4.1.25461.2.1.2.3.10
[rowidentifier] Connections Per Second
TCP
UDP
Other IP

Some more information on Zone Protection/Flood Protection: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/network/network-network-profiles/network-network-profiles-zone-protection/flood-protection.html

While carrying out the steps to move our network devices from a flat network to one with purposeful VLANs I had changed the IP address of one of our HP CP3505 printers (using the web based management console) to discover that with the new IP I could not print to the printer over the network.
Oddly enough the web based management console was still accessible, the printer replied to PINGs and SNMP requests but would not print (that includes from Mac and PC!).

With no error messages other than ‘Error – Printing’ on the server, and nothing in the logs of the printer it seemed like this issue would not have a simple solution.

In trying to troubleshoot the issue I tried…

  • Changing the printers IP address to other options (indeed changing the IP back to its original one sorted the problem but was not what I wanted)
  • Firmware updating the printer
  • Pressing all of the ‘reset’ and ‘clear settings’ buttons I could find on the printer through the WBMC and front panel
  • Attaching a network cable between a laptop and the printer direct (no server or switches)
  • Removing the jet direct card and leaving it for 30 minutes while the printer was unplugged (oddly enough the jet direct card has a button battery which cannot be removed on it)

All to no success!

In the end and on a complete whim I changed the network settings of the printer to use DHCP instead of Manual IP, reset the printer and then set it back to Manual IP. It was evident that the IP address I had set previously had been forgotten and I set upon the task of configuring the IP address through the front panel. Long behold this worked and the printer is now happyily printing under its new IP address.

There are lots of great reasons to replace personal printers with centralised photocopiers but one of the overlooked ones can be the greater ability to monitor these copiers using SNMP (Simple Network Management Protocol).

This article looks at keeping track of the status of the paper trays (how full they are!) using PRTG (http://www.paessler.com/prtg) on Sharp photocopiers.

To get rolling you will need-

  • PRTG (or some other item of software that can talk to SNMP)
  • Some way of querying the SNMP OIDs on the copiers (for this article I used the free version of MIB Browser – http://ireasoning.com/mibbrowser.shtml)
  • A little bit of ingenuity

If just by chance you are using the Sharp MX-2640N copiers then you can save time by using the following OIDs-

Paper Tray 1 Status .1.3.6.1.2.1.43.8.2.1.10.1.2
Paper Tray 2 Status .1.3.6.1.2.1.43.8.2.1.10.1.3
Paper Tray 3 Status .1.3.6.1.2.1.43.8.2.1.10.1.4
Paper Tray 4 (A3) Status .1.3.6.1.2.1.43.8.2.1.10.1.5

So to get this up and running follow the screen shot sequence below.