SNMP HOWTO
From FreeRADIUS Wiki
Build FreeRADIUS with SNMP Support
The configure option --with-snmp is enabled by default, so if you have the SNMP libraries correctly installed on your system, your FreeRADIUS build should include SNMP support.
Configuration
Items in bold can be changed per your requirements.
raddb/radiusd.conf
snmp = yes
$INCLUDE ${confdir}/snmp.conf
raddb/snmp.conf
smux_password = verysecret
snmp_write_access = no
snmpd.conf
NOTE: This example uses Net-SNMP 5.1.2 built with ucd-snmp compatibility. It should work with most versions of net-snmp and ucd-snmp.
smuxpeer .1.3.6.1.4.1.3317.1.3.1 verysecret
For FreeRADIUS versions 2.0.0-pre1 and higher, use the line below. Some versions of 2.0.0-pre0 used 3317 or 11344 as the SNMP enterprise number. The output from debug mode should identify which number to use.
smuxpeer .1.3.6.1.4.1.11344.1.3.1 verysecret
Verification
When running FreeRADIUS in debug mode (radiusd -X), you should see output similar to the following:
main: smux_password = "verysecret"
main: snmp_write_access = no
SMUX connect try 1
SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
SMUX open progname: radiusd
SMUX open password: verysecret
SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
SMUX register priority: -1
SMUX register operation: 1
SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
SMUX register priority: -1
SMUX register operation: 1
SMUX read start
SMUX read len: 12
SMUX message received type: 67 rest len: 4
SMUX_RRSP
SMUX_RRSP value: 0 errstat: 0
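An added example (not part of the FreeRADIUS wiki or source code): a Python check that compares the SMUX OID and password radiusd reports in debug mode with the smuxpeer lines in snmpd.conf, which catches the 3317/11344 enterprise-number mismatch described above. The function names and the sample inputs are constructed for illustration.

```python
import re

# Constructed inputs modelled on this page's snippets (not captured from a real host).
DEBUG_OUTPUT = """\
main: smux_password = "verysecret"
main: snmp_write_access = no
SMUX open oid: 1.3.6.1.4.1.11344.1.3.1
SMUX open password: verysecret
"""
SNMPD_CONF = "smuxpeer .1.3.6.1.4.1.3317.1.3.1 verysecret\n"
EXAMPLE_PASSWORDS = {"verysecret"}  # the sample value used in this HOWTO

def parse_debug(text):
    """Extract what radiusd announces over SMUX from its debug output."""
    patterns = {"oid": r"^[ \t]*SMUX open oid:[ \t]*(\S+)",
                "password": r"^[ \t]*SMUX open password:[ \t]*(.*)$",
                "write": r"^[ \t]*main: snmp_write_access = (\S+)"}
    found = {}
    for key, pattern in patterns.items():
        m = re.search(pattern, text, re.MULTILINE)
        found[key] = m.group(1).strip() if m else None
    return found

def parse_smuxpeers(text):
    """Return (oid, password) per smuxpeer line; '#' comment lines never match."""
    peers = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "smuxpeer":
            peers.append((fields[1].lstrip("."), fields[2] if len(fields) > 2 else ""))
    return peers

def check(debug_text, snmpd_text):
    """List mismatches between radiusd's SMUX identity and snmpd.conf."""
    seen, issues = parse_debug(debug_text), []
    if seen["oid"] is None:
        return ["no 'SMUX open oid' line in the debug output"]
    passwords = [pw for oid, pw in parse_smuxpeers(snmpd_text) if oid == seen["oid"]]
    if not passwords:
        issues.append("no smuxpeer line for OID " + seen["oid"])
    elif seen["password"] not in passwords:
        issues.append("smuxpeer password differs from smux_password")
    if seen["password"] in EXAMPLE_PASSWORDS:
        issues.append("smux_password is still the HOWTO example value")
    if seen["write"] == "yes":
        issues.append("snmp_write_access is enabled, unlike this HOWTO's setting")
    return issues

if __name__ == "__main__":
    print("\n".join(check(DEBUG_OUTPUT, SNMPD_CONF)) or "ok")
```

Because the debug output contains the SMUX password in clear text, feed the check from a file with restricted permissions rather than pasting the output into a shared ticket or chat.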
SNMP Query
The SNMP MIB files for RADIUS are located in the mibs directory of the FreeRADIUS source. Once your server is configured and connected to the local SNMP server, you can begin gathering useful information.
$ snmpwalk -v 1 -m /path/to/RADIUS-AUTH-SERVER-MIB.txt -c snmp_read_key your.radius.host radiusAuth
RADIUS-AUTH-SERVER-MIB::radiusAuthServIdent.0 = STRING: FreeRADIUS Version 2.0.0-pre0, for host i686-pc-linux-gnu, built on Sep 14 2006 at 13:51:51
RADIUS-AUTH-SERVER-MIB::radiusAuthServUpTime.0 = Timeticks: (1100) 0:00:11.00
RADIUS-AUTH-SERVER-MIB::radiusAuthServResetTime.0 = Timeticks: (1100) 0:00:11.00
RADIUS-AUTH-SERVER-MIB::radiusAuthServConfigReset.0 = INTEGER: running(4)
RADIUS-AUTH-SERVER-MIB::radiusAuthServTotalAccessRequests.0 = Counter32: 0
RADIUS-AUTH-SERVER-MIB::radiusAuthServTotalInvalidRequests.0 = Counter32: 0
RADIUS-AUTH-SERVER-MIB::radiusAuthServTotalDupAccessRequests.0 = Counter32: 0
RADIUS-AUTH-SERVER-MIB::radiusAuthServTotalAccessAccepts.0 = Counter32: 0
RADIUS-AUTH-SERVER-MIB::radiusAuthServTotalAccessRejects.0 = Counter32: 0
RADIUS-AUTH-SERVER-MIB::radiusAuthServTotalAccessChallenges.0 = Counter32: 0
RADIUS-AUTH-SERVER-MIB::radiusAuthServTotalMalformedAccessRequests.0 = Counter32: 0
RADIUS-AUTH-SERVER-MIB::radiusAuthServTotalBadAuthenticators.0 = Counter32: 0
RADIUS-AUTH-SERVER-MIB::radiusAuthServTotalPacketsDropped.0 = Counter32: 0
RADIUS-AUTH-SERVER-MIB::radiusAuthServTotalUnknownTypes.0 = Counter32: 0
RADIUS-AUTH-SERVER-MIB::radiusAuthClientAddress.1 = IpAddress: ...
radiusAuthClient output removed