We have NNM 9.20(UNIX). Our internal client has insisted that SNMP queries from our NNMi management server has caused issues on specific nodes. So we put those nodes in the Excluded IP address section. However, based on the client's node logs(i.e.,community strings & ip address from the NNMi management server shows up in their logs), the SNMP queries continue. How can we have NNMI do the following? "Do not ping, do not SNMP query, do NOTHING on the internal client's nodes". Thanks in advance for any tips
I would ensure that those addresses are not covered by your discovery ranges. Excluded IP addresses behaves a little differently - if you discover a device, and it has some of those IPs, it will still discover the device, but act like those interfaces don't exist.
If those systems are truly so sensitive, they should be disabling SNMP on the devices themselves. Or at least using tight ACLs + different community strings. That is, if they are really serious about SNMP causing problems on those. Or maybe they're just looking to blame the NMS, because, well...it's always the NMS's fault.
Thanks, Lindsay. Unfortunately those IP addresses are covered by our discovery ranges. We have such a wide discovery range that we can't help but try to "discover" the Excluded IP addresses. I think the option will have to be as you suggested, shut off SNMP at the node level. A kludgy way to go for sure, but at least the internal client can't point fingers at the horrific SNMPWALK! :)
One other possibility is to define node-specific communication settings that uses some other SNMP string. Then NNMi will send a handful of polls to that device, but they won't be answered, and so it won't do a full walk.
Or I suppose you could add the device to NNMi, but set it to Unmanaged? That might actually be the best solution here.
Quick question here. If I set the node specific communications settings to use only ICMP, can the node still send back SNMP information on its own and it will be received by NNMi management server? Those nodes have the SNMP configuration set to have the NNMi management server as the trap receiver. The reason I ask is that we trouble ticket on SNMP information sent back by those nodes. Thanks.