04 August, 2014

NTP, Syslog, SNMPv3

Keeping Track of the Network

- NTP 
- Logging
- SNMPv3

# NTP

R1#show clock
*14:23:17.119 UTC Mon Aug 4 2014

! Change time zone
R1(config)#clock timezone PST -8

R1(config)#clock summer-time PDT recurring

! Configure NTP Server
R1(config)#ntp server 38.229.71.1

! For Debug Use: 
R1#debug ntp packets

! Verify NTP server configuration 
R1#show ntp associations
      address         ref clock     st  when  poll reach  delay  offset    disp
*~38.229.71.1      204.123.2.72      2    59    64  377   135.8   -1.20     1.0
* master (synced), # master (unsynced), + selected, - candidate, ~ configured

R1#show ntp associations detail
38.229.71.1 configured, our_master, sane, valid, stratum 2
ref ID 204.123.2.72, time D789FAD1.1ACDEE21 (12:28:01.104 UTC Mon Aug 4 2014)
our mode client, peer mode server, our poll intvl 64, peer poll intvl 64
root delay 54.52 msec, root disp 22.20, reach 377, sync dist 119.720
delay 135.85 msec, offset -1.1982 msec, dispersion 2.33
precision 2**20, version 3
org time D789FB2C.A11B70B4 (12:29:32.629 UTC Mon Aug 4 2014)
rcv time D789FB2C.C27C97CA (12:29:32.759 UTC Mon Aug 4 2014)
xmt time D789FB2C.8B331998 (12:29:32.543 UTC Mon Aug 4 2014)
filtdelay =   215.19  139.95  143.98  139.95  139.50  135.85  135.88  135.83
filtoffset =  -22.79   -2.95    1.56    0.30   -0.32   -1.20   -0.26    0.16
filterror =     0.02    0.99    1.01    1.02    1.04    1.05    1.07    1.08

R1#show ntp status
Clock is synchronized, stratum 3, reference is 38.229.71.1
nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**18
reference time is D789FB2C.C27C97CA (12:29:32.759 UTC Mon Aug 4 2014)
clock offset is -1.1982 msec, root delay is 190.37 msec
root dispersion is 25.74 msec, peer dispersion is 2.33 msec
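
Added example (not part of the original notes): a Python check of the verification output above that decodes the octal reach register and the hexadecimal NTP timestamps. The sample row and ref time are copied from the R1 output; the function names and the 100 ms offset threshold are assumptions.

```python
import re
from datetime import datetime, timedelta, timezone

NTP_EPOCH = datetime(1900, 1, 1, tzinfo=timezone.utc)  # NTP era 0 starts here

# Copied from the R1 output above.
ASSOC_ROW = "*~38.229.71.1      204.123.2.72      2    59    64  377   135.8   -1.20     1.0"
REF_TIME = "D789FAD1.1ACDEE21"


def ntp_hex_to_utc(stamp):
    """Decode 'seconds.fraction' (two 32-bit hex words, seconds since 1900)."""
    sec_hex, frac_hex = stamp.split(".")
    micros = (int(frac_hex, 16) * 10**6) >> 32  # fraction is in units of 2**-32 s
    return NTP_EPOCH + timedelta(seconds=int(sec_hex, 16), microseconds=micros)


def parse_association(row):
    """Parse one data row of 'show ntp associations'."""
    flags, rest = re.match(r"([*#+~\- ]*)(.*)", row).groups()
    addr, ref, st, _when, _poll, reach, _delay, offset, _disp = rest.split()
    return {
        "address": addr,
        "ref_clock": ref,
        "synced": "*" in flags,       # '*' = master (synced)
        "configured": "~" in flags,   # '~' = configured
        "stratum": int(st),
        # reach is an 8-bit shift register printed in octal: one bit per poll
        "last_polls": format(int(reach, 8), "08b"),
        "offset_ms": float(offset),
    }


def is_healthy(assoc, max_offset_ms=100.0):
    """Assumed policy: synced, last 8 polls answered, offset under the threshold."""
    return (assoc["synced"] and assoc["last_polls"] == "11111111"
            and abs(assoc["offset_ms"]) <= max_offset_ms)


if __name__ == "__main__":
    a = parse_association(ASSOC_ROW)
    print(a, is_healthy(a))
    print(ntp_hex_to_utc(REF_TIME).isoformat())
```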

! Update the hardware calendar from NTP
R1(config)#ntp update-calendar

! If using Authentication
R1(config)#ntp authentication-key 1 md5 cisco123
R1(config)#ntp authenticate
R1(config)#ntp trusted-key 1
R1(config)#ntp server x.x.x.x key 1 source fas0/0 prefer

# Logging 

R1(config)#logging on
R1(config)#logging buffered informational
R1(config)#logging host 192.168.1.129
R1(config)#logging trap debugging

R1(config)#do show logging
Syslog logging: enabled (12 messages dropped, 0 messages rate-limited,
                0 flushes, 0 overruns, xml disabled, filtering disabled)
No Active Message Discriminator.
No Inactive Message Discriminator.
    Console logging: level debugging, 261 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging:  level informational, 261 messages logged, xml disabled,
                     filtering disabled
    Logging Exception size (8192 bytes)
    Count and timestamp logging messages: disabled
    Persistent logging: disabled
No active filter modules.
ESM: 0 messages dropped
    Trap logging: level debugging, 25 message lines logged
        Logging to 192.168.1.129  (udp port 514,  audit disabled,
              authentication disabled, encryption disabled, link down),
              0 message lines logged,
              0 message lines rate-limited,
              0 message lines dropped-by-MD,
              xml disabled, sequence number disabled
              filtering disabled
Log Buffer (8192 bytes):
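
Added example (not part of the original notes): a Python check that reads the `show logging` output above and reports why nothing is reaching the syslog host. The excerpt is copied from the R1 output; the function name and the wording of the findings are illustrative.

```python
import re

# Excerpt of the 'show logging' output above (lines unrelated to the checks omitted).
SHOW_LOGGING = """\
Syslog logging: enabled (12 messages dropped, 0 messages rate-limited,
                0 flushes, 0 overruns, xml disabled, filtering disabled)
    Trap logging: level debugging, 25 message lines logged
        Logging to 192.168.1.129  (udp port 514,  audit disabled,
              authentication disabled, encryption disabled, link down),
              0 message lines logged,
              0 message lines rate-limited,
"""

# One remote destination: host, transport, port, option list, lines delivered.
HOST_RE = re.compile(
    r"Logging to (?P<host>\S+)\s+\((?P<proto>\w+) port (?P<port>\d+),"
    r"(?P<opts>.*?)\),\s*(?P<sent>\d+) message lines logged", re.S)


def audit_show_logging(text):
    """Return a list of findings about remote syslog delivery."""
    findings = []
    if not re.search(r"Syslog logging:\s+enabled", text):
        findings.append("syslog logging is disabled")
    dropped = re.search(r"\((\d+) messages dropped", text)
    if dropped and int(dropped.group(1)) > 0:
        findings.append(f"{dropped.group(1)} messages dropped")
    queued = re.search(r"Trap logging: level \w+, (\d+) message lines logged", text)
    for m in HOST_RE.finditer(text):
        host, opts = m["host"], " ".join(m["opts"].split())
        if "link down" in opts:
            findings.append(f"{host}: link down")
        if int(m["sent"]) == 0 and queued and int(queued.group(1)) > 0:
            findings.append(f"{host}: 0 of {queued.group(1)} trap lines delivered")
        if m["proto"] == "udp" or "encryption disabled" in opts:
            findings.append(f"{host}: cleartext transport ({m['proto']}/{m['port']})")
    return findings


if __name__ == "__main__":
    for finding in audit_show_logging(SHOW_LOGGING):
        print("-", finding)
```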

# SNMP

! Create access list for SNMP
R1(config)#access-list 10 permit 192.168.1.129
R1(config)#access-list 10 deny any log
R1(config)#do show access-list
Standard IP access list 10
    10 permit 192.168.1.129
    20 deny   any log

! Configure SNMP v3 
R1(config)#snmp-server engineID local 123456789A
R1(config)#snmp-server group G1 v3 priv access 10

* Note: 
  auth    (Authentication, No Encryption)
  noauth  (No Authentication, No Encryption)
  priv    (Authentication, Encryption)
  
! Create User
R1(config)#snmp-server user U1 G1 v3 auth sha a-Pass priv aes 128 e-Pass
Aug  4 13:35:23.133: Configuring snmpv3 USM user, persisting snmpEngineBoots. Please Wait...

* Note: This configuration is not saved in the running-config
R1(config)#do show run | in U1
(no output)

! To Verify SNMP user
R1(config)#do show snmp user
User name: U1
Engine ID: 123456789A
storage-type: nonvolatile        active
Authentication Protocol: SHA
Privacy Protocol: AES128
Group-name: G1

! Configure SNMP Host
R1(config)#snmp-server host 192.168.1.129 traps version 3 auth U1
R1(config)#snmp-server enable traps syslog

! Configure ManageEngine MibBrowser
* Note: Use a free SNMP tool (ManageEngine MIB Browser)

! Verify CPU Usage
R1(config)#do show proce cpu sor | in ^CPU|SNMP ENGINE
CPU utilization for five seconds: 14%/100%; one minute: 13%; five minutes: 6%
 233        8932      1044       8555  0.00%  4.77%  2.36%   0 SNMP ENGINE

* Note: SNMP is configured and works fine

! Check Encryption using Wireshark
! Capture SNMP Traffic 
* Note: All SNMP packets are encrypted

! Configure Wireshark with User and Pass to see Content of SNMP

Step 1:
Step 2:
Step 3:
* Note: Now we can read information from SNMP packets.
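
Wireshark needs the user name and both passwords because SNMPv3 USM keys are derived from the password and the authoritative engine ID, not sent or stored as typed. Added example (not part of the original notes): the RFC 3414 password-to-key localization for SHA authentication with AES-128 privacy in Python, using the sample passwords and engine ID from the configuration above. The function names are illustrative, and the engine ID bytes actually used on the wire should be read from the capture.

```python
import hashlib


def password_to_key(password, hash_name="sha1"):
    """RFC 3414 A.2: hash 1 MiB of the repeated password to get the user key Ku."""
    pw = password.encode()
    if not pw:
        raise ValueError("empty password")
    reps, rem = divmod(1048576, len(pw))
    return hashlib.new(hash_name, pw * reps + pw[:rem]).digest()


def localize_key(ku, engine_id, hash_name="sha1"):
    """RFC 3414 2.6: bind Ku to one engine, Kul = H(Ku || engineID || Ku)."""
    return hashlib.new(hash_name, ku + engine_id + ku).digest()


def usm_keys(auth_pass, priv_pass, engine_id_hex):
    """Localized keys for 'auth sha ... priv aes 128 ...' on one engine."""
    engine_id = bytes.fromhex(engine_id_hex)
    auth_key = localize_key(password_to_key(auth_pass), engine_id)
    # RFC 3826: the AES-128 key is the first 16 octets of the localized key
    priv_key = localize_key(password_to_key(priv_pass), engine_id)[:16]
    return auth_key, priv_key


if __name__ == "__main__":
    # Values from the configuration above; the second engine ID is constructed.
    for eid in ("123456789A", "123456789B"):
        auth_key, priv_key = usm_keys("a-Pass", "e-Pass", eid)
        print(eid, "auth", auth_key.hex(), "priv", priv_key.hex())
```

The same passwords give different keys under a different engine ID, which is why a user has to be recreated after the local engine ID changes.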