4. Configure SNMP
- Start by installing the needed binaries for receiving the SNMP traps from the Cisco Wireless LAN Controller (net-snmp-utils can be used to debug):
yum install net-snmp net-snmp-utils
- Edit the configuration of the SNMP trap daemon and allow all incoming connections (you can fine tune this setup if you want, but in our case I don’t think that’s really useful):
- And add this at the end of the file:
- Save and exit vi
- Allow the firewall to receive SNMP traps from your Cisco Wireless LAN Controller:
firewall-cmd --zone=public --add-port=162/udp --permanent
⚠️ Please note that we are using the default zone “public” and this design can be enhanced, but is not a part of this post.
- Control that your UDP port was added correctly and permanently to the configuration:
firewall-cmd --zone=public --list-all
- Start the snmptrapd service and enable it at boot time:
systemctl start snmptrapd systemctl enable snmptrapd
- If your setup is ready and working, the Cisco Wireless LAN Controller will fill your log with a lot of authentification messages. You can control that messages arrive by checking the file /var/log/messages:
tail -f /var/log/messages
⚠️ If no messages appear in this log, you need to double check your settings before continuing the next steps.