This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG Firewall SNMP to UNMS/ UISP

I am attempting to add my XG firewall to Ubiquiti's "UISP" which used to be called UNMS.   

The UISP will add 3rd party routers and switches that has SNMP.

It wants the public IP  and SNMP Community string.  Ive tried a few things such as the name as the community string such as Public and the actual name of the SNMP agent.  Turned on the ping

Within the XG v19.0

.--Admin-- SNMP I have:

Enabled the SNMP agent and named it XG125 Firewall

 --Created  a SNMPv2 and v2c trap.. Put the IP for UISP in it. -- Enabled query and trap support (Named it XG125 Sophos)

In System Services -- Notification list/  I turned on the SNMP traps and checked various notifications 

--Network-- Zones--  LAN I have SNMP checked for the Device access. 

Doesn't work... So then, I have tried each one of these. 

I also turned it on in WAN

I then added a rule 

Accept- Source Zones-LAN/WAN, Network ( UISP's IP) ... Destination Zone- LAN/WAN. Network (UISP's IP) , Services= SNMP

Then I changed the rule to any zone/network with service SNMP

Then I added/ Linked a SNMP NAT rule

Nothing

------------------------------------------------------------------

On the UISP I'm not sure if the SNMP community string is "Public" or something from inside of the XG such as the name of the SNMP agent or name or the name of the trap.  I have tried all of them. I'm just not sure if my SNMP traffic is getting out.  I have 3rd party devices added that is not behind my firewall such as Mikrotik switches.. which the community string "public" works.



This thread was automatically locked due to age.
Parents
  • Hello there,

    Thank you for contacting the Sophos Community.

    To confirm if the XG is sending out info to your SNMP, you can do a TCP dump on Ports 161 and 162 from the Advanced Shell of the XG (You would need to SSH in to the XH and press 5 >3 to land in the Advanced Shell)

    Then run the following:

    # tcpdump -eni any port 161 or port 162

    If it is working you should see something like this:

    2:51:23.955548 Port1, OUT: Out 7c:5a:1c:79:37:97 ethertype IPv4 (0x0800), length 108: 172.16.15.254.48080 > 172.16.15.100.162: F=r U="" E= C="" GetRequest(14)
    12:51:24.955854 Port1, OUT: Out 7c:5a:1c:79:37:97 ethertype IPv4 (0x0800), length 211: 172.16.15.254.36062 > 172.16.15.100.162: C="PRTG" V2Trap(152) .1.3.6.1.2.1.1.3.0=3176 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.6.3.1.1.5.3 .1.3.6.1.2.1.2.2.1.1.79=79 .1.3.6.1.2.1.2.2.1.2.79="spq" .1.3.6.1.2.1.2.2.1.7.79=2 .1.3.6.1.2.1.2.2.1.8.79=2 .1.3.6.1.6.3.1.1.4.3.0=.1.3.6.1.4.1.8072.3.2.10
    12:51:24.955910 Port1, OUT: Out 7c:5a:1c:79:37:97 ethertype IPv4 (0x0800), length 184: 172.16.15.254.40028 > 172.16.15.100.162: C="PRTG" Trap(126) .1.3.6.1.4.1.8072.3.2.10 169.254.234.5 linkDown 3176 .1.3.6.1.2.1.2.2.1.1.79=79 .1.3.6.1.2.1.2.2.1.2.79="spq" .1.3.6.1.2.1.2.2.1.7.79=2 .1.3.6.1.2.1.2.2.1.8.79=2 .1.3.6.1.6.3.1.1.4.3.0=.1.3.6.1.4.1.8072.3.2.10
    12:52:02.977349 Port1, IN: In 3c:18:a0:0a:b1:e0 ethertype IPv4 (0x0800), length 85: 172.16.15.100.59690 > 172.16.15.254.161: GetRequest(26) .1.3.6.1.2.1.1.3.0
    12:52:02.977899 Port1, OUT: Out 7c:5a:1c:79:37:97 ethertype IPv4 (0x0800), length 108: 172.16.15.254.48080 > 172.16.15.100.162: F=r U="" E= C="" GetRequest(14)
    12:52:03.979196 Port1, OUT: Out 7c:5a:1c:79:37:97 ethertype IPv4 (0x0800), length 138: 172.16.15.254.36062 > 172.16.15.100.162: C="PRTG" V2Trap(81) .1.3.6.1.2.1.1.3.0=7079 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.6.3.1.1.5.5 .1.3.6.1.6.3.1.1.4.3.0=.1.3.6.1.4.1.8072.3.2.10

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • # tcpdump -eni any port 161 or port 162     Does show just as you described. 

Reply Children