# How to query snmpd from outside ?

## dcreatorx

Hi, I'm trying to monitor with nagios all the interfaces of our gentoo servers. I've got the scripts running good with routers and other devices, but on the linux boxes, when I query then from outside I get a time out. I can only query from localhost. I have been trying to configure snmpd.conf properly, but I can't get it right. Since our network is secured inside, we don't need extreme security on that field. I only want to query the servers from the nagios host 192.168.3.29. Can somebody explain in a fast way how to do that ? Thanks.

EDIT : when I do a cat /var/log syslog | grep snmpd  I get the following lines : 

Jan 29 10:49:01 asterisk-pimec snmpd[6190]: Connection from UDP: [127.0.0.1]:33478

This lines are written when I do a query from the local machine. Outside queries are not written to the syslog. So it's not even trying to connect or it gets refused before reaching the daemon.

Thanks.

----------

## Janne Pikkarainen

So, you did setup a row like this to snmpd.conf?

```
rocommunity yoursupersecretcommunitystring 192.168.3.29
```

If that's right, are you sure there are no firewalls whatsoever sitting between your Nagios server and your servers?

----------

## dcreatorx

I put the line but still timing out, no network problems . . nagios is querying by NRPE various services there. 

```

rocommunity public 192.168.3.29

#       sec.name  source          community

#com2sec paranoid  default         public

com2sec  readonly  default         public

#com2sec readwrite default         private

```

----------

## Janne Pikkarainen

And Nagios is passing public as a community string? What if you try something like

```
snmpwalk -c public -v2c your.server
```

from Nagios server?

----------

## dcreatorx

That's what I get, it's a timeout :

```

Timeout: No Response from 192.168.3.40

```

That's what I thought from the beginning. It seems to be more of a network-oriented problem.

But I can't figure out, there are no fw's in that net and Nagios is querying  ( not by SNMP ) the server. By the NRPE port, etc.

Thanks.

----------

## dcreatorx

I'm doing an UDP port scan to see if something happens. Obviously as I stated before, all TCP ports that are serving something are up and unfiltered.

----------

## dcreatorx

Ok, as I expected . . . . 

```

17/udp    open|filtered qotd

111/udp   open          rpc

256/udp   open|filtered rap

666/udp   open|filtered doom

701/udp   open|filtered unknown

738/udp   open|filtered unknown

774/udp   open|filtered acmaint_dbd

785/udp   open|filtered unknown

803/udp   open|filtered unknown

842/udp   open|filtered unknown

1435/udp  open|filtered ibm-cics

2033/udp  open|filtered glogger

5060/udp  open|filtered sip

32779/udp open          rpc

```

No port 161 or 162 are listening outside. Any tips ?

----------

## Janne Pikkarainen

How about netstat -tlnp performed at your server? Does it show that snmpd really is listening at all interfaces, and not bonded to 127.0.0.1:161?

----------

## Janne Pikkarainen

Whoops, I mean netstat -an.

----------

## dcreatorx

Listening to LOCAL only : 

```

udp        0      0 127.0.0.1:161           0.0.0.0:*

```

I can't figure out how to make it listen to outside . .

----------

## dcreatorx

Done. It's a pity that the documentation doesn't say nothing about this. 

in /etc/default/snmp : The line SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 172.0.0.1'

Should be like this SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid'

So the process don't get bind only to localhost.

Thank you.

----------

