I want to monitor IPFire via SNMP over a VPN connection.
If I do an snmpwalk from the local network I get all the info, but if I try to connect over OpenVPN or IPsec I get no answer from the SNMP daemon. Yes, I have configured the allowed networks in the snmpd.conf but it will not work.
If i look into the network bindings then I can see that snmpd is listening on 0.0.0.0 so this should not be a problem. I also see no block messages in my firewall log so I think the firewall rules are not the problem.
I also temp. disabled the IDS - no change …
Any ideas what I have to change to get this working?
Hello,
I configured my remote firewall’s snmpd.conf file like this:
com2sec localnet 192.168.YY.0/24 public
com2sec local localhost public
com2sec vpnnet 192.168.XX.0/24 public
group localgroup usm localnet
group localgroup v1 localnet
view all included .1
access localgroup "" any noauth exact all none none
####
# Second, map the security names into group names:
# sec.model sec.name
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup usm mynetwork
group MyRWGroup v1 vpnnet
group MyRWGroup v2c vpnnet
group MyRWGroup usm vpnnet
The vpnnet (192.168.XX.0/24) is my remote network from the local firewall, so after restarting the netsnmpd service, from my main firewall I see the snmpd situation of the remote firewall.
thanks for the reply and your config.
It was a mixture of mistakes on my side and on the IPSec endpoint side.
The IPSec endpoint changed the network IP of the connecting device and on my side I had a mistake in the config.
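Added example, not part of the thread or of IPFire: a small offline checker that traces a source address through the com2sec, group and access lines of an snmpd.conf to show where a request stops being authorised, which is how both causes named above (a source address rewritten by the tunnel endpoint, a gap in the config) show up. The sample config, the 192.168.10.0/24 and 192.168.20.0/24 networks and the 10.8.0.6 address are constructed placeholders; com2sec lines with options such as -Cn are not handled.

```python
import ipaddress
import shlex

# Constructed sample config; 192.168.10.0/24 and 192.168.20.0/24 are
# placeholders for the networks the thread elides as YY and XX.
SAMPLE_CONF = """
com2sec localnet 192.168.10.0/24 public
com2sec local    localhost       public
com2sec vpnnet   192.168.20.0/24 public
group localgroup v1  localnet
group localgroup usm localnet
group MyRWGroup  v2c vpnnet
view all included .1
access localgroup "" any noauth exact all none none
"""

def source_matches(source, ip):
    """True if a com2sec SOURCE field covers ip (hostnames other than localhost are not resolved)."""
    if source == "default":
        return True
    if source == "localhost":
        return ip.is_loopback
    try:
        return ip in ipaddress.ip_network(source, strict=False)
    except ValueError:
        return False

def check(conf, src_ip, community, model):
    """Trace src_ip/community through com2sec -> group -> access; return (ok, reason)."""
    ip = ipaddress.ip_address(src_ip)
    rows = [t for t in (shlex.split(l, comments=True) for l in conf.splitlines()) if t]
    # snmpd uses the first com2sec line whose source and community both match
    sec = next((t[1] for t in rows if t[0] == "com2sec" and len(t) == 4
                and t[3] == community and source_matches(t[2], ip)), None)
    if sec is None:
        return False, "no com2sec entry covers this source address/community"
    grp = next((t[1] for t in rows if t[0] == "group" and len(t) == 4 and t[2:] == [model, sec]), None)
    if grp is None:
        return False, f"security name {sec!r} has no group for model {model}"
    view = next((t[6] for t in rows if t[0] == "access" and len(t) >= 7
                 and t[1] == grp and t[3] in ("any", model) and t[6] != "none"), None)
    if view is None:
        return False, f"group {grp!r} has no access line granting a read view"
    return True, f"{sec} -> {grp} -> read view {view!r}"

if __name__ == "__main__":
    # 10.8.0.6 is a constructed address standing in for a source rewritten by the tunnel
    for ip, model in [("192.168.10.5", "v1"), ("192.168.10.5", "v2c"),
                      ("192.168.20.5", "v2c"), ("10.8.0.6", "v2c")]:
        print(ip, model, check(SAMPLE_CONF, ip, "public", model))
```

Run it against the address the daemon actually sees for the monitoring host (for instance from a packet capture on the tunnel interface), not the address the host has on its own LAN.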