3 Replies Latest reply on Dec 14, 2011 2:46 AM by nrms

    Netflow problems

    kristian_tomol13

      Hi All,

      I implemented NPM and NTA on our client..

      I'm having a problem in discovering the routers using NTA

      Our client  have 5 routers lets say R1, R2, R3, R4, R5

      R2, R3, R4, R5 are all  connected to R1 via MPLS.

      I enabled ip flow-export source on R2 at Serial0/1/0.361 

      I enabled ip flow-export source on R3 at Serials0/1/0.160

      I enabled ip flow-export source on R4 at Gigabitethernet0/0

      I enabled ip flow-export source on R2 at Serial0/0/1

       

      I also enabled SNMP on all of these router and I discovered them all on NPM

      I set public as their credential in SNMP

      But when I'm discovering them on NTA using manual discovery

      I'm having an error when I type their credential on the "Read/Write Credential"

      It seems that NTA doesn't accept the credential that I typed.

       

      This scenario happened except  for R4, but for the remaining routers (R2, R3, R5) the one one that I mentioned above are the scenarios that I encountered.

       

      What could be the possible solution for this?

      Please help..

      Thanks

        • Re: Netflow problems
          nrms

          public is normally used as a Read Only SNMP credential. Also, using public is not wise - it is the first thing someone will try if they want to hack into your systems!

          If you do a 'sh run | inc snmp' on the routers, do the 'snmp-server community' lines end with 'RO' or 'RW'?

            • Re: Netflow problems
              kristian_tomol13

              Oh, I see, it seems I figure out my problem.

              I type this on CLI of the routers

              snmp-server community public RW

              I think I have to change public to any secure credential

              Right?

              Thank you very much, I really appreciate your help. 

                • Re: Netflow problems
                  nrms

                  As long as the <string> from the 'snmp-server community <string> RW' command matches the <string> you specify in NTA (and it is an RW line) it should work; even if you have used 'public'.

                  The advice to not use public/private is just best practice since they are a universal default that offers about as much protection as a chocolate tea-cosy!