There are three core steps to getting SNMP running on your Watchguard firewall:
- Enable the SNMP daemon to accept polling requests
- Add a new SNMP firewall policy to allow management traffic flow
- Add the new SNMP credential to Auvik
Let’s get started.
Enable the SNMP daemon
From within the Watchguard System Manager for your firewall:
- Select Setup > SNMP.
- Decide whether you want to configure SNMPv2c or SNMPv3.
- Type the Community String you’d like the Auvik collector to use when polling your device.
- User Name — Type the user name for SNMPv3 authentication and privacy protection.
- Authentication Protocol — Select MD5 (Message Digest 5) or SHA (Secure Hash Algorithm).
- Authentication Password — Type and confirm the authentication password.
- Privacy Protocol — Select DES (Data Encryption Standard) to encrypt traffic or None to not encrypt SNMP traffic.
- Privacy Password — Type and confirm a password to encrypt outgoing messages and decrypt incoming messages.
- To enable NAT for all SNMP connections through your Firebox or XTM device, select the Use NAT for connections through the SNMP application layer gateway checkbox.
- Click OK.
Add a SNMP firewall policy
To enable your Firebox or XTM device to receive SNMP polls, you must add an SNMP policy. When you configure SNMP, Policy Manager automatically prompts you to add an SNMP policy.
In the New Policy Properties dialog box:
- In the From section, click Add. The Add Address dialog box appears.
- Click Add Other. The Add Member dialog box appears.
- From the Choose Type drop-down list, select Host IP.
- In the Value text box, type the IP address of your SNMP server computer.
- Click OK to close the Add Member dialog box.
- Click OK to close the Add Address dialog box. The Policy tab of the new policy appears.
- In the To section, click Add. The Add Address dialog box appears.
- From the Available Members list, select Firebox. Click Add. Firebox appears in the Selected Members and Addresses list.
- Click OK to close the Add Address dialog box.
- Click OK to close the New Policy Properties dialog box.
- Click Close.
Add the new SNMP credential to Auvik
If you’ve configured a non-standard SNMPv2c community string (i.e., not “public” or “private”) or have enabled SNMPv3 for your Watchguard Firewall, you’ll need to add the new credential into Auvik so the collector can poll it.
You're all done!