You can do a lot of configuration of ESXi through the GUI, but one thing I’ve found that you cannot do is configure SNMP.
I can see in the GUI that SNMP service is stopped, and that’s about it:
- Even if you can manage to get the service started from the GUI, you’ll still have to set your community string somehow. I couldn’t exactly find a place to set that, so it’s off to the CLI we go.
So here’s how to enable SNMP and configure the community string/firewall on ESXi 6.0 or 6.5:
1. SSH to host
- SSH should be enabled. If not, enable it.
2. Set SNMP community string
- Enter the following command to set your string, replacing YOUR_COMM_STRING with your own.
esxcli system snmp set --communities YOUR_COMM_STRING
3. Enable SNMP service
- Enter the following command to enable the SNMP service
esxcli system snmp set --enable true
4. Adjust firewall
- Chances are that your ESXi firewall is already allowing this traffic, but just in case, allow connections from anywhere.
esxcli network firewall ruleset set --ruleset-id snmp --allowed-all true esxcli network firewall ruleset set --ruleset-id snmp --enabled true
- A more secure approach would be to restrict access to a range of IPs or a particular host. In this case, we are only allowing
192.168.0.0-192.168.0.254
to poll SNMP.
esxcli network firewall ruleset set --ruleset-id snmp --allowed-all false esxcli network firewall ruleset allowedip add --ruleset-id snmp --ip-address 192.168.0.0/24 esxcli network firewall ruleset set --ruleset-id snmp --enabled true
5. Restart SNMP service
/etc/init.d/snmpd restart
It took a good 30-45 seconds for the service to restart on my host. Once this is done, you can confirm that the service is running via GUI:
That’s it!
- Here’s a transcript of my shell session, for your reference:
[root@r220:~] esxcli system snmp set --communities TYLERMADECOMM [root@r220:~] esxcli system snmp set --enable true [root@r220:~] esxcli network firewall ruleset set --ruleset-id snmp --allowed-all true Already allowed all ip [root@r220:~] esxcli network firewall ruleset set --ruleset-id snmp --enabled true [root@r220:~] /etc/init.d/snmpd restart root: snmpd Running from interactive shell, running command: esxcli system snmp set -e false. root: snmpd setting up resource reservations. root: snmpd opening firewall port(s) for notifications. root: snmpd watchdog for snmpd started. [root@r220:~]
Personally I am utilizing OpenNMS Horizon to graph the SNMP Interface Data for the VM Network. Another popular alternative that I have used is LibreNMS which is much better graphically in my opinion.
I hope this helps. Thank you for reading.
22 Comments
Geandson Santos · February 3, 2020 at 7:57 am
Muito obrigado! Aqui funcionou perfeitamente.
Stevenes · December 9, 2019 at 12:43 pm
Thank’s!
haikalshiddiq · May 15, 2019 at 3:55 am
Thanks bro for your article. very helpful with detail step 😀
Farhan · September 4, 2018 at 7:29 am
Hi SNMP on ESXi5.5 is not working, I have 3 Hosts in cluster, SNMP on two are working but one host is creating problem.
here is the error message when i test it using SNMPWALK:
%Failed to get value of SNMP variable. Timeout.
I have restarted the snmp service re-configure using commands mentioned in this post but still facing problem.
Any thoughts would be appreciated.
Thanks
server user · August 28, 2018 at 4:30 pm
thanks work for me too
Gayan · August 2, 2018 at 10:33 pm
Worked for my Dell R640 ESXI 6.5 . Many thanks.
Android · June 14, 2018 at 3:21 pm
Is This Configuration for SNMP Trap Monitoring or SNMP Polling?
Tyler Woods · June 27, 2018 at 1:29 am
SNMP polling
Rich Ericksen · June 7, 2018 at 12:31 am
i know this guy, and found this website randomly 🙂 It helped, thanks tyler.
--wolfegang76 · February 7, 2018 at 3:46 pm
Do these custom firewall settings persist across reboots??? From what I’ve read, firewall changes do not persist unless you create a custom VIB and install it on the host…
Nikolay Nikolov · December 28, 2017 at 5:28 am
Thank you!! I’ve done this to my 4 esxi 6.5 hosts and all of them works fine!
Thank you again Tyler!
Michael MacFaden · October 27, 2017 at 11:12 am
BTW, To view the set of firewall rules:
esxcli network firewall ruleset rule list
Michael MacFaden · October 27, 2017 at 11:08 am
Now that its 2017, SNMPv3 has been a standard for 15 years .
Please consider using a SECURE protocol, for both ESXi and Virtual Center Server
configure your SNMP agents as follow:
http://blog.epijunkie.com/2015/03/enable-snmpv3-on-vmware-vcsa-6-0/
Tyler Woods · October 27, 2017 at 11:12 am
I appreciate your input, Michael!
Thanks,
Tyler Woods
perry · October 10, 2017 at 12:51 pm
Thanks for the guide Tyler. This worked perfectly on my host running ESXi 6.5.0 build-4564106. Your guide is infinitely easier to follow than the official guide from VMWare.
Cheers
Tyler Woods · October 11, 2017 at 1:37 am
Perry, I’m happy that this worked for you and that it is easier to understand than the VMware KB
Thank you for your feedback!
ibmnew · October 10, 2017 at 11:11 am
The best and working guide I have seen on all my searches at VMWare. This site is so not user friendly. You nailed it, many thanx! Nice work.
Tyler Woods · October 11, 2017 at 1:33 am
Thank you for your kind words! I’m really glad this worked out for you.
turnpike420 · July 19, 2017 at 10:40 am
ESXi 6.0.0 build 4600944: when I follow the above and run “esxcli system snmp get” just before running the restart command it returns Enable: true; however after I run the restart command it returns Enable: false so I have to re-run “esxcli system snmp set –enable true”. Only then can I snmpwalk the ESXi system. Also, Enable: true is not persistent after an ESXi host reboot. The firewall and community name settings appear to remain persistent after reboot. I added the enable true line to /etc/rc.local.d/local.sh and that made it persistent after reboot.
Attivazione di SNMP su VMWare ESXi 6.0/6.5 – ServerBay.it - Tutto quello che c'è da Sapere sul mondo Server · September 7, 2018 at 10:26 am
[…] Condivido questo LINK che ho trovato particolarmente interessante. Attivazione di SNMP su VMWare ESXi 6.0/6.5 : LINK […]
על לינוקס, VMWare וטעות הקשורה לחיישנים – הבלוג של חץ ביז · May 5, 2018 at 2:47 pm
[…] אז מה קורה פה? מי שיקרא את המאמר הזה יבין שגם אם הוא יתאמץ וינדנד ליצרן לקבל VIB מתאים, יגלה שזה לא יעזור. יש באג, ועד כה (יצא כבר 6.7) זה לא תוקן. המסקנה: רוצה לנטר את המכונות ושדרגת ל-vCenter 6.5 ומעלה? תתחיל לנטר את המכונות עצמם. איך? קרא כאן. […]
دانلود ESXi VMware نسخه 6 – مجله کلیک · November 15, 2017 at 1:20 am
[…] How to enable SNMP monitoring for VMWare ESXi 6065 […]