Meraki

Community

snmp access to combined networks (MX, MS and MR) thru AutoVPN

Chema-Spain
Getting noticed
yesterday
yesterday

snmp access to combined networks (MX, MS and MR) thru AutoVPN

Hi, customer wants to access Meraki devices instead of accessing the dashboard snmp mib. I have been taking a look at Meraki's reference document. According to it, you can provide RO access just activating a snmp community at template level. As customer NMS is located in his DC, snmp traffic will take the AutoVPN path. Hence it would be encrypted. That's fine, as they still use snmp v2C.

 

https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/SNMP_Overview_and_C... 

 

My doubts are:

 

1.- OK, MS and MR I guess they are exposing their LAN/Management IP addresses. Just activating the community at template level it would expose an IP per device?

 

2.- What about the MX? Reading at the documentation it mentions a local internet fw inbound rule must allow snmp flows (Meraki is talking about internet snmp access, not AutoVPN) and that makes me thing they could be exposing just the wan interface public IP address. What if the MX comprises more than one LAN subnet. Would it expose both the wan uplink and also all local vlans?, just one? None?

 

Have anyone tried to access meraki devices using snmp thru AutoVPN so could be in position to solve these doubts?

 

Thanks!

0 Kudos
1 Reply 1
PhilipDAth
Kind of a big deal
Kind of a big deal
yesterday
yesterday

(1) Yes, it would enable SNMP on every device.  I suspect this is what your customer wants.

(2) Not if you are accessing it via the LAN.

 

It works fine over AutoVPN.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.