Hello everyone,
I’ve encountered an issue that cropped up after restoring my MikroTik 750Gr3 from a backup. SNMP decided it’s on a hiatus (Timeout: No Response from 10.8.145.1). Restored from a backup with a fully functional setup, I even did a double-check just to be thorough. SNMP is up and running, communities are configured, and the firewall is green-lighting traffic on udp port 161. Packet movement is evident too. However, attempts to access it via Zabbix or ‘snmpwalk’ yield a frustrating “Timeout: No Response from [device]”.
Running firmware version 7.14.3.
Any insights on how to tackle this hurdle?
[Nevian@MikroTik-Gate] /snmp> print
enabled: yes
contact:
location: Home
engine-id-suffix: F80DAC19322A
engine-id: 80003a8c04463830444143313933323241
src-address: ::
trap-target: 10.8.145.3
trap-community: rpi2-snmp
trap-version: 3
trap-generators: interfaces
vrf: main
[Nevian@MikroTik-Gate] /snmp> /tool sniffer quick interface=bridge-local port=snmp
Columns: INTERFACE, TIME, NUM, DIR, SRC-MAC, DST-MAC, SRC-ADDRESS, DST-ADDRESS, PROTOCOL, SIZE, CPU
INTERFACE TIME NUM DIR SRC-MAC DST-MAC SRC-ADDRESS DST-ADDRESS PROTOCOL SIZE CPU
bridge-local 45.791 20 <- B8:27:EB:04:FF:7B 18:FD:74:4F:F0:72 10.8.145.3:38721 10.8.145.1:161 (snmp) ip:udp 106 1
bridge-local 45.792 21 -> 18:FD:74:4F:F0:72 B8:27:EB:04:FF:7B 10.8.145.1:161 (snmp) 10.8.145.3:38721 ip:udp 157 1
bridge-local 45.792 22 <- B8:27:EB:04:FF:7B 18:FD:74:4F:F0:72 10.8.145.3:38721 10.8.145.1:161 (snmp) ip:udp 191 1
bridge-local 45.793 23 -> 18:FD:74:4F:F0:72 B8:27:EB:04:FF:7B 10.8.145.1:161 (snmp) 10.8.145.3:38721 ip:udp 189 1
bridge-local 53.247 24 <- B8:27:EB:04:FF:7B 18:FD:74:4F:F0:72 10.8.145.3:42874 10.8.145.1:161 (snmp) ip:udp 106 2
bridge-local 53.247 25 -> 18:FD:74:4F:F0:72 B8:27:EB:04:FF:7B 10.8.145.1:161 (snmp) 10.8.145.3:42874 ip:udp 157 3
bridge-local 53.248 26 <- B8:27:EB:04:FF:7B 18:FD:74:4F:F0:72 10.8.145.3:42874 10.8.145.1:161 (snmp) ip:udp 189 2
bridge-local 54.249 27 <- B8:27:EB:04:FF:7B 18:FD:74:4F:F0:72 10.8.145.3:42874 10.8.145.1:161 (snmp) ip:udp 189 2
bridge-local 55.251 28 <- B8:27:EB:04:FF:7B 18:FD:74:4F:F0:72 10.8.145.3:42874 10.8.145.1:161 (snmp) ip:udp 189 2
bridge-local 56.252 29 <- B8:27:EB:04:FF:7B 18:FD:74:4F:F0:72 10.8.145.3:42874 10.8.145.1:161 (snmp) ip:udp 189 2
bridge-local 57.253 30 <- B8:27:EB:04:FF:7B 18:FD:74:4F:F0:72 10.8.145.3:42874 10.8.145.1:161 (snmp) ip:udp 189 2
bridge-local 58.254 31 <- B8:27:EB:04:FF:7B 18:FD:74:4F:F0:72 10.8.145.3:42874 10.8.145.1:161 (snmp) ip:udp 189 2
bridge-local 73.738 32 <- B8:27:EB:04:FF:7B 18:FD:74:4F:F0:72 10.8.145.3:60520 10.8.145.1:161 (snmp) ip:udp 189 2
[Nevian@MikroTik-Gate] /snmp> /ip f f p wi
Flags: X - disabled, I - invalid; D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=forward action=passthrough
1 chain=forward action=fasttrack-connection hw-offload=yes connection-state=established,related
2 chain=forward action=accept connection-state=established,related
3 ;;; Block Torrents
chain=forward action=add-src-to-address-list layer7-protocol=torrent src-address=10.8.145.2 address-list=Torrent-Conn address-list-timeout=none-dynamic
in-interface-list=all log=no log-prefix=""
4 chain=forward action=drop protocol=tcp src-address=10.8.145.2 dst-address-type="" src-address-list=Torrent-Conn
dst-port=!0-1023,1723,1194,5555,5900,5800,3389,8728,8291,14147,5222,59905 log=no log-prefix=""
5 chain=forward action=drop protocol=udp src-address=10.8.145.2 src-address-list=Torrent-Conn
dst-port=!0-1023,1723,1194,5555,5900,5800,3389,8728,8291,14147,5222,59905 log=no log-prefix=""
6 ;;; Block Hackers
chain=input action=reject reject-with=icmp-admin-prohibited src-address-list=blocked_ip in-interface=internet log=yes log-prefix="banned"
7 ;;; WAN Protect
chain=input action=accept protocol=icmp log=no log-prefix=""
8 chain=input action=accept connection-state=established,related log=no log-prefix=""
9 chain=input action=accept protocol=udp in-interface=!internet dst-port=53 log=no log-prefix=""
10 chain=output action=accept protocol=tcp dst-address=45.154.73.71 out-interface=N-VPN dst-port=179 log=no log-prefix=""
11 ;;; Drop Invalid Connections
chain=input action=drop connection-state=invalid in-interface=internet log=no log-prefix=""
12 X chain=forward action=reject reject-with=icmp-network-unreachable src-address=10.8.145.154 log=no log-prefix=""
13 X chain=forward action=reject reject-with=icmp-network-unreachable src-address=10.8.145.181 log=no
14 ;;; DDoS Protect
chain=input action=jump jump-target=detect_DDoS connection-state=new in-interface=internet log=no log-prefix=""
15 chain=detect_DDoS action=return dst-limit=50,50,src-address/1s log=no log-prefix=""
16 chain=detect_DDoS action=add-src-to-address-list address-list=DDoS_black_list address-list-timeout=2h log=no log-prefix=""
17 chain=detect_DDoS action=drop log=no log-prefix=""
18 ;;; LAN Protect
chain=forward action=accept connection-state=new dst-address=10.8.145.2 in-interface=internet log=no log-prefix=""
19 chain=forward action=accept connection-state=new dst-address=10.8.145.3 in-interface=internet log=no log-prefix=""
20 chain=forward action=accept connection-state=new dst-address=10.8.145.4 in-interface=internet log=no log-prefix=""
21 chain=forward action=accept connection-state=new dst-address=10.8.145.5 in-interface=internet log=no log-prefix=""
22 chain=input action=accept protocol=udp src-address=10.8.145.3 dst-port=161 log=no log-prefix=""
23 X chain=input action=accept protocol=udp src-address=10.8.145.1 dst-address=10.8.145.3 dst-port=161 log=no log-prefix=""
24 chain=forward action=drop protocol=udp src-address=10.8.145.4 out-interface=N-VPN log=no log-prefix=""
25 ;;; Block WinBox
chain=input action=drop protocol=tcp in-interface=internet dst-port=8291 log=no log-prefix=""
26 ;;; Block DNS WAN
chain=input action=drop connection-state=new protocol=udp in-interface=internet dst-port=53 log=no log-prefix=""
27 chain=input action=drop connection-state=new protocol=tcp in-interface=internet dst-port=53 log=no log-prefix=""