SNMP网络监控
【实验原理】
SNMP(Simple Network Management Protocol,简单网络管理协议)的前身是简单网关监控协议(SGMP),用来对通信线路进行管理。随后,人们对SGMP进行了很大的修改,特别是加入了符合Internet定义的SMI和MIB:体系结构,改进后的协议就是著名的SNMP。现在SNMP已经出到第三个版本的协议,其功能较以前已经大大地加强和改进了。
【实验环境】
NMS 虚拟机 windows server 2003 操作系统
监控软件 What's_up_Gold_v8.01
防火墙 h3c F100-C两塔
交换机 华为的 S2000
Web Server 虚拟机windows server 2003操作系统
【实验拓扑】
【实验配置】
防火墙1
[fw-1]dis cu
#
sysname fw-1
#
firewall packet-filter enable
firewall packet-filter default permit
#
insulate
#
firewall statistic system enable
#
radius scheme system
server-type extended
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address 192.168.2.1 255.255.255.0
#
interface Ethernet0/1
#
interface Ethernet0/2
#
interface Ethernet0/3
#
interface Ethernet0/4
ip address 192.168.3.1 255.255.255.0
#
interface Encrypt1/0
#
interface NULL0
#
firewall zone local
set priority 100
#
firewall zone trust
add interface Ethernet0/0
set priority 85
#
firewall zone untrust
add interface Ethernet0/4
set priority 5
#
firewall zone DMZ
set priority 50
#
firewall interzone local trust
#
firewall interzone local untrust
#
firewall interzone local DMZ
#
firewall interzone trust untrust
#
firewall interzone trust DMZ
#
firewall interzone DMZ untrust
#
FTP server enable
#
ip route-static 192.168.4.0 255.255.255.0 192.168.3.2 preference 60
#
snmp-agent
snmp-agent local-engineid 000063A27F00000100001560
snmp-agent community read public
snmp-agent community write private
snmp-agent sys-info contact haohao
snmp-agent sys-info location ty-1
snmp-agent sys-info version all
snmp-agent target-host trap address udp-domain 192.168.2.200 params securityname public
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
防火墙2
[fw-2]dis cu
#
sysname fw-2
#
firewall packet-filter enable
firewall packet-filter default permit
#
insulate
#
firewall statistic system enable
#
radius scheme system
server-type extended
#
domain system
#
local-user admin
password cipher .]@USE=B,53Q=^Q`MAF4<1!!
service-type telnet terminal
level 3
service-type ftp
#
interface Aux0
async mode flow
#
interface Ethernet0/0
ip address 192.168.4.1 255.255.255.0
#
interface Ethernet0/1
#
interface Ethernet0/2
#
interface Ethernet0/3
#
interface Ethernet0/4
ip address 192.168.3.2 255.255.255.0
#
interface Encrypt1/0
#
interface NULL0
#
firewall zone local
set priority 100
#
firewall zone trust
add interface Ethernet0/0
set priority 85
#
firewall zone untrust
add interface Ethernet0/4
set priority 5
#
firewall zone DMZ
set priority 50
#
firewall interzone local trust
#
firewall interzone local untrust
#
firewall interzone local DMZ
#
firewall interzone trust untrust
#
firewall interzone trust DMZ
#
firewall interzone DMZ untrust
#
FTP server enable
#
ip route-static 192.168.2.0 255.255.255.0 192.168.3.1 preference 60
#
snmp-agent
snmp-agent local-engineid 000063A27F0000010000131B
snmp-agent community read public
snmp-agent community write private
snmp-agent sys-info contact zhaozhao
snmp-agent sys-info location ty-2
snmp-agent sys-info version all
snmp-agent target-host trap address udp-domain 192.168.2.200 params securityname public
#
user-interface con 0
user-interface aux 0
user-interface vty 0 4
authentication-mode scheme
#
return
交换机
[sw-1]dis cu
#
sysname sw-1
#
radius scheme system
#
domain system
#
vlan 1
#
interface Vlan-interface1
ip address 192.168.4.2 255.255.255.0
#
interface Aux1/0/0
#
interface Ethernet1/0/1
#
interface Ethernet1/0/2
#
interface Ethernet1/0/3
#
interface Ethernet1/0/4
#
interface Ethernet1/0/5
#
interface Ethernet1/0/6
#
interface Ethernet1/0/7
#
interface Ethernet1/0/8
#
interface Ethernet1/0/9
#
interface Ethernet1/0/10
#
interface Ethernet1/0/11
#
interface Ethernet1/0/12
#
interface Ethernet1/0/13
#
interface Ethernet1/0/14
#
interface Ethernet1/0/15
#
interface Ethernet1/0/16
#
interface Ethernet1/0/17
#
interface Ethernet1/0/18
#
interface Ethernet1/0/19
#
interface Ethernet1/0/20
#
interface Ethernet1/0/21
#
interface Ethernet1/0/22
#
interface Ethernet1/0/23
#
interface Ethernet1/0/24
#
interface NULL0
#
ip route-static 0.0.0.0 0.0.0.0 192.168.4.1 preference 60
#
snmp-agent
snmp-agent local-engineid 800007DB000FE2428A416877
snmp-agent community read public
snmp-agent community write private
snmp-agent sys-info contact zhaozhao
snmp-agent sys-info location ty-2
snmp-agent sys-info version all
snmp-agent target-host trap address udp-domain 192.168.2.200 params securityname public
#
user-interface aux 0
user-interface vty 0 4
#
return
创建一个web server
安装监控软件
【实验测试】
测试一
右键点击属性可以更改名字 同时你也可以连线 右键点击 attach to 将箭头指向要连接的设备 也可以更改图标 右键属性 type 有很多类型可以选择
实验测试二
将Web Server 站点停止
