How can we help?

How to enable SNMP on Watchguard firewalls

Follow

There are three core steps to getting SNMP running on your Watchguard firewall:

Let’s get started.

Enable the SNMP daemon

From within the Watchguard System Manager for your firewall:

  1. Select Setup > SNMP.
  2. Decide whether you want to configure SNMPv2c or SNMPv3.
    1. SNMPv2c:
      1. Type the Community String you’d like the Auvik collector to use when polling your device.
    2. SNMPv3:
      1. User Name — Type the user name for SNMPv3 authentication and privacy protection.
      2. Authentication Protocol — Select MD5 (Message Digest 5) or SHA (Secure Hash Algorithm).
      3. Authentication Password — Type and confirm the authentication password.
      4. Privacy Protocol — Select DES (Data Encryption Standard) to encrypt traffic or None to not encrypt SNMP traffic.
      5. Privacy Password — Type and confirm a password to encrypt outgoing messages and decrypt incoming messages.
  3. To enable NAT for all SNMP connections through your Firebox or XTM device, select the Use NAT for connections through the SNMP application layer gateway checkbox.
  4. Click OK.

Add a SNMP firewall policy

To enable your Firebox or XTM device to receive SNMP polls, you must add an SNMP policy. When you configure SNMP, Policy Manager automatically prompts you to add an SNMP policy.

In the New Policy Properties dialog box:

  1. In the From section, click Add. The Add Address dialog box appears.
  2. Click Add Other. The Add Member dialog box appears.
  3. From the Choose Type drop-down list, select Host IP.
  4. In the Value text box, type the IP address of your SNMP server computer.
  5. Click OK to close the Add Member dialog box.
  6. Click OK to close the Add Address dialog box. The Policy tab of the new policy appears.
  7. In the To section, click Add. The Add Address dialog box appears.
  8. From the Available Members list, select Firebox. Click Add. Firebox appears in the Selected Members and Addresses list.
  9. Click OK to close the Add Address dialog box.
  10. Click OK to close the New Policy Properties dialog box.
  11. Click Close.

Add the new SNMP credential to Auvik

If you’ve configured a non-standard SNMPv2c community string (i.e., not “public” or “private”) or have enabled SNMPv3 for your Watchguard Firewall, you’ll need to add the new credential into Auvik so the collector can poll it.

Follow these steps to add your new SNMP credential to Auvik.

You're all done!

Sources: http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/basicadmin/snmp_enable_polling_c.html

Was this article helpful?
2 out of 3 found this helpful
Have more questions? Submit a request