proxy -v 1 -p 260 -c public localhost .1.3.6.1.4.1.2620
Check Point snmp daemon (cpsnmpd) process is binded to port 260 (as opposed to the default port 161). cpsnmpd can be enabled via cpconfig [select 'SNMP Extensions'] or $FWDIR/bin/cpsnmpd -p 260 command. Since IPSO 3.1, IPSO is able to act as proxy to poll Checkpoint MIBs. I.e, user can poll Checkpoint MIB via port 161.
The following shows the output of snmp polling on port 260 using snmp version 1 & 2c. 'public' was used as snmp community name.
SNMP polling was successfully when SNMP version 1 was used
[root@linux root]# snmpwalk -v 1 -c public 10.58.18.70:260 -On .1.3.6.1.4.1.2620.1.1.25.1.0
.1.3.6.1.4.1.2620.1.1.25.1.0 = STRING: "Standard"
[root@linux root]#
SNMP polling failed when SNMP version 2c was used
[root@linux root]# snmpwalk -v 2c -c public 10.58.18.70:260 -On .1.3.6.1.4.1.2620.1.1.25.1.0
Timeout: No Response from 10.58.18.70:260
[root@linux root]#
SNMP polling using v2c without port 260 was successful
[root@linux root]# snmpwalk -v 2c -c public 10.58.18.70 .1.3.6.1.4.1.2620.1.1.25.1.0
SNMPv2-SMI::enterprises.2620.1.1.25.1.0 = STRING: "Standard"
[root@linux root]#
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.