Version: 6.4

Junos OS

To configure SNMP on a Juniper Junos device, follow these steps:

Access the switch CLI

Connect to your Juniper EX switch via SSH or a console cable. If connecting via SSH, use a tool like PuTTY or the built-in SSH client in your terminal, and enter the switch's IP address, username, and password to log in.

Enter configuration mode

Once logged in, enter configuration mode by typing the following command:

configure

Configure SNMP settings

a. To configure the SNMP community string, use the following command:

set snmp community COMMUNITY_STRING_NAME authorization read-only

Replace COMMUNITY_STRING_NAME with the desired SNMP community string (e.g., public).

b. To restrict SNMP access to specific IP addresses or networks, use the following command:

set snmp community COMMUNITY_STRING_NAME clients x.x.x.x/y

Replace COMMUNITY_STRING_NAME with the SNMP community string you previously defined, and x.x.x.x/y with the IP address or network CIDR (e.g., 192.168.1.0/24).

c. To configure the SNMP system contact, location, and description, use the following commands:

set snmp contact "CONTACT_INFORMATION"
set snmp location "DEVICE_LOCATION"
set snmp description "DEVICE_DESCRIPTION"

Replace CONTACT_INFORMATION, DEVICE_LOCATION, and DEVICE_DESCRIPTION with the appropriate information for your switch.

Configure SNMPv3 (optional)

If you want to use SNMPv3 for increased security, you can configure SNMPv3 settings as follows:

a. To create an SNMPv3 user, use the following command:

set snmp v3 usm local-engine user SNMPv3_USER_NAME authentication-md5 authentication-password SNMPv3_AUTH_PASSWORD privacy-des privacy-password SNMPv3_PRIV_PASSWORD

Replace SNMPv3_USER_NAME, SNMPv3_AUTH_PASSWORD, and SNMPv3_PRIV_PASSWORD with the desired SNMPv3 username, authentication password, and privacy password, respectively.

b. To configure the SNMPv3 user access, use the following command:

set snmp v3 vacm security-to-group security-model usm security-name SNMPv3_USER_NAME group SNMPv3_GROUP_NAME

Replace SNMPv3_USER_NAME with the SNMPv3 username you previously defined, and SNMPv3_GROUP_NAME with a desired group name for this user (e.g., snmpv3group).

c. To configure the SNMPv3 group access, use the following command:

set snmp v3 vacm access group SNMPv3_GROUP_NAME default-context-prefix security-model usm security-level privacy read-view all

Replace SNMPv3_GROUP_NAME with the SNMPv3 group name you previously defined.

Commit and save the changes

After configuring the SNMP settings, commit and save the changes by entering the following commands:

commit
save

Exit configuration mode

Type exit to leave configuration mode and return to the Juniper EX switch CLI.

Verify the configuration

To verify that SNMP is configured correctly, use the following command:

show snmp

This command should display the SNMP settings you just configured.

Once you've completed these steps, your Juniper Junos device will be configured for SNMP monitoring. Ensure your ElastiFlow Unified SNMP Collector is set up to communicate with the device using the appropriate SNMP community string or SNMPv3 credentials. This will allow you to monitor the devices's performance and gather statistics. Remember to follow best practices for SNMP security, such as using SNMPv3 with encryption and authentication, restricting SNMP access to specific IP addresses or networks, and regularly updating SNMP community strings or credentials.

Access the switch CLI​

Enter configuration mode​

Configure SNMP settings​

Configure SNMPv3 (optional)​

Commit and save the changes​

Exit configuration mode​

Verify the configuration​