How to Enable and Configure SNMP on VMWare ESXi Host?

If you need to monitor the state of your VMWare ESXi servers in your monitoring system, you need to configure SNMP agent on your hosts. In this text we’ll present how to allow and configure SNMP in VMWare ESXi 6.7 (the information is relevant for ESXi 5.5 and newer).

In ESXi, there’s a built-in SNMP agent that may ship and obtain SNMP requests and traps. You can allow and configure an SNMP agent on ESXi hosts in a number of methods: utilizing vCLI, PowerCLI (however not via the vSphere consumer GUI).

SNMP Server in VMWare ESXi

From the vSphere internet interface, you possibly can solely ensure that the “SNMP server” service is operating, change its startup settings or cease/begin the service. Go to your ESXi host -> Configure -> Services -> SNMP Server. The service is stopped by default. Start it.

enable snmp server on vmware esxi host via vsphere client

Enable SSH entry on the ESXi host and join to it utilizing any ssh consumer (I’m utilizing Windows 10 built-in SSH consumer).

To verify the present SNMP settings, run this command:

esxcli system snmp get

esxcli system snmp get

SNMP shouldn’t be configured: all parameters are empty, and the agent is disabled.

Authentication:
Communities:
Enable: false
Engineid:
Hwsrc: indications
Largestorage: true
Loglevel: information
Notraps:
Port: 161
Privacy:
Remoteusers:
Syscontact:
Syslocation:
Targets:
Users:
V3targets:

Configuring SNMP Agent Parameters in ESXi

Specify the monitoring server IP handle (SNMP goal), port (by default, 161 UDP) and SNMP neighborhood title (often, public):

esxcli system snmp set [email protected]/public

Or you possibly can set the neighborhood title as follows:

esxcli system snmp set --communities YOUR_COMMUNITY_STRING

Additionally, you possibly can specify the placement:

esxcli system snmp set --syslocation "Allee 16, Mun, DE"

Contact data:

esxcli system snmp set --syscontact [email protected]
Then allow SNMP service on the ESXi host:

esxcli system snmp set --enable true

To check the SNMP configuration:

esxcli system snmp check

configure snmp on vmware esxi host from cli:

To apply the settings, restart the SNMP agent utilizing this command:

/and so on/init.d/snmpd restart

/etc/init.d/snmpd restart

To reset present settings, use the next command:

esxcli system snmp set –r

To disable SNMP:

esxcli system snmp set --disable true

ESXi Firewall Configuration for SNMP Traffic

You can permit SNMP site visitors in your ESXi host firewall in two methods. To permit SMNP requests from any system on the community:

esxcli community firewall ruleset set --ruleset-id snmp --allowed-all true
esxcli community firewall ruleset set --ruleset-id snmp --enabled true

Or you possibly can permit inbound site visitors from an IP handle of your monitoring server or an IP subnet the place your SNMP servers are situated:

esxcli community firewall ruleset set --ruleset-id snmp --allowed-all false
esxcli community firewall ruleset allowedip add --ruleset-id snmp --ip-address 192.168.100.zero/24
esxcli community firewall ruleset set --ruleset-id snmp --enabled true

Now you possibly can monitor your VMWare ESXi hosts over SNMP.

Change SNMP Settings on ESXi Host Using PowerCLI

If you need to rapidly configure SNMP parameters on a number of ESXi hosts, you should utilize this PowerCLI script:

$ESXi = 'mun-esxi01'
$Community = 'Public'
$Target = '192.168.99.99'
$Port = '161'

#Connection to an ESXi host
Connect-VIServer -Server $sESXiHost
#Clearing the present SNMP settings
Get-VMHostSnmp | Set-VMHostSnmp -ReadonlyCommunity @()
#Configure SNMP parameters
Get-VMHostSnmp | Set-VMHostSnmp -Enabled:$true -AddTarget -TargetCommunity $Community -TargetHost $Target -TargetPort $Port -ReadOnlyCommunity $Community
#Display the present SNMP parameters
$Cmd= Get-EsxCli -VMHost $ESXiHost
$Cmd.System.Snmp.Get()

If you’ve a sophisticated , you possibly can configure SNMP parameters on your ESXi hosts utilizing Host Profiles (Management -> Host Profiles -> your Profile -> SNMP Agent Configuration).

VMWare ESXi SNMPv3 Configuration

We have mentioned how to allow and configure an SNMP agent v1 and v2 on ESXi hosts above. Starting from ESXi 5.1, a extra fashionable protocol model is used: SNMP v3. Use the next instructions to configure safer SNMPv3.

Set authentication and encryption protocols:

esxcli system snmp set -a MD5 -x AES128

Generate hashes for the authentication and encryption passwords (exchange authpass and privhash along with your password):

esxcli system snmp hash --auth-hash authpass --priv-hash privhash --raw-secret

Using the hashes (authhash and privhash), add a person:

esxcli system snmp set -e sure -C [email protected] -u snmpuser/authhash/privhash/priv

Then specify the SNMP goal handle:

esxcli system snmp set –v3targets [email protected]/person/priv/entice

You can remotely verify the SNMP configuration utilizing the Linux snmpwalk software:

snmpwalk -v3 -u snmpuser -l AuthPriv -a SHA -A [email protected] -x AES-X [email protected] 192.168.1.120

Check Also

How to Enable and Configure MPIO on Windows Server 2016/2012R2?

In this text we’ll contemplate how to set up and configure MPIO on Windows Server …

Leave a Reply

Your email address will not be published. Required fields are marked *