Solved

SNMP not working on Windows 2003 Server

Posted on 2006-07-06
12
4,147 Views
Last Modified: 2008-05-14
I am trying to do SNMP gets/walks on a windows 2003 server but it wont respond. I;ve installed and started the SNMP service. This is a domainless test lab network with just 3 computers in the domain. snmp is working fine on the other machines

Is there something extra you have to do in Windows 2003 to allow the machine to response to snmp requests

There doesnt seem to be a firewall running on that machine. The test environment is hosted by a cisco 501

SNMP toolset I'm using is the compiled net-snmp lib from net-snmp.org
0
Comment
Question by:plq
  • 5
  • 3
  • 3
  • +1
12 Comments
 
LVL 1

Expert Comment

by:nakoz69
ID: 17052766
Have you configured the Traps yet.  You have to setup SNMP to read from a trap string.  Here is an article on how to set it up:

http://technet2.microsoft.com/WindowsServer/en/Library/9d9bad05-24ed-4840-b221-9ae7b09a93f31033.mspx?mfr=true

0
 
LVL 1

Assisted Solution

by:nakoz69
nakoz69 earned 167 total points
ID: 17052776
The default for read only strings is normally PUBLIC and the write string is PRIVATE, but you can set them to what ever you perfer.

0
 
LVL 4

Assisted Solution

by:xcromx
xcromx earned 167 total points
ID: 17052928
You have to setup community strings under your SMTP service
You may need a read string and also a reader string...

Example for solarwind network monitor
pmgreader    read
pmgauthor    read/write
0
 
LVL 8

Author Comment

by:plq
ID: 17053121
I'm just doing this

    snmpwalk -v2c -c public 192.168.1.19

It works on all xp and 2000 machines without any setup. I will check through the service property sheets now..
0
 
LVL 8

Author Comment

by:plq
ID: 17053244
OK I've allowed snmp requests from any address, and I've added the public string into the community strings box, adn I've added traps on every ip address on the network, but still no luck, and still working ok on other pcs ??
0
 
LVL 57

Accepted Solution

by:
giltjr earned 166 total points
ID: 17054136
Can you install a SNMP browswer on the server and try from the server?

Have you verified tha tthe SNMP service is up and running on the server?

     netstat -an | find "161"

You should get back:

       UDP    0.0.0.0:161            *:*
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Expert Comment

by:nakoz69
ID: 17055928
Check the event viewer on the 2003 server and see if there are any SNMP errors or timeouts when trying to connect to the service.
0
 
LVL 8

Author Comment

by:plq
ID: 17057187
OK..

1. netstat returns exactly what you said.

           UDP    0.0.0.0:161            *:*

2. I installed an snmp browser on the 2003 box. It can snmpwalk other machines but it cant snmpwalk itself

          snmpwalk -v2c -c public 192.168.1.13
          snmpwalk -v2c -c public 127.0.0.1

(same with v1). The error is "Timeout : no response from 192.168.1.13"

3. The only stuff related to snmp in the event log is a successful entry as follows:

         The SNMP Service configuration has been updated successfully.

         For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.



So.. still in the dark. Any more ideas ? thanks for your efforts so far..
0
 
LVL 8

Author Comment

by:plq
ID: 17107084
Still not working, and no more ideas...
0
 
LVL 57

Expert Comment

by:giltjr
ID: 17107220
Is the PIX ("Cisco 501") confgured to allow SNMP traffic to/from the host?
Are you using the correct IP address?  Normally when a host is behind a firewall you do not use it real IP address, normally it is NAT'ed and you have to use the NAT address.

I would suggest tracing the network traffic from both you PC and from the host to make sure traffic is getting through.
0
 
LVL 8

Author Comment

by:plq
ID: 17107642
Thanks for returning to this question. It wasnt listed as an SNMP client on the firewall so I added it. Now it can snmpquery the firewall but it can't snmpquery itself.. None of the other clients can snmp query this box either so its got to be something about windows 2003. Windows firewall is off.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 17107756
You have checked the SNMP settings on the server to verify that you are using the correct community name and that the IP address of your PC is autorized/allowed to send SNMP queires?

I would install a packet capture utility on the Windows server start it up and see what it can see.

I beleive that all version of Windows Server OS come with MS's netmon utility or you can install Wireshark, http://www.wireshark.org (used to be called Ethereal).


0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now