Enable SNMP Services for Firewall-Secured Network Elements
Table of Contents
Expand All
|
Collapse All
Next-Generation Firewall Docs
-
-
- Cloud Management of NGFWs
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
- PAN-OS 9.1 (EoL)
-
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1 & Later
-
-
- Cloud Management and AIOps for NGFW
- PAN-OS 10.0 (EoL)
- PAN-OS 10.1
- PAN-OS 10.2
- PAN-OS 11.0
- PAN-OS 11.1
- PAN-OS 11.2
- PAN-OS 8.1 (EoL)
- PAN-OS 9.0 (EoL)
- PAN-OS 9.1 (EoL)
Enable SNMP Services for Firewall-Secured Network Elements
If you will use Simple Network Management
Protocol (SNMP) to monitor or manage network elements (for example,
switches and routers) that are within the security zones of Palo
Alto Networks firewalls, you must create a security rule that allows SNMP
services for those elements.
You don’t need a security
rule to enable SNMP monitoring of Palo Alto Networks firewalls,
Panorama, or WF-500 appliances. For details, see Monitor Statistics Using SNMP.
- Create an application group.
- Select ObjectsApplication Group and click Add.Enter a Name to identify the application group.Click Add, type snmp, and select snmp and snmp-trap from the drop-down.Click OK to save the application group.Create a security rule to allow SNMP services.
- Select PoliciesSecurity and click Add.In the General tab, enter a Name for the rule.In the Source and Destination tabs, click Add and enter a Source Zone and a Destination Zone for the traffic.In the Applications tab, click Add, type the name of the applications group you just created, and select it from the drop-down.In the Actions tab, verify that the Action is set to Allow, and then click OK and Commit.