1
00:00:00,360 --> 00:00:06,210
In this lab, I've got three Cisco routers running within GNS3 connected to a switch, which

2
00:00:06,210 --> 00:00:08,440
in turn has NPM connected to it.

3
00:00:09,030 --> 00:00:15,750
Here's my NPM server and as an example, I can ping 10.1.100.1.

4
00:00:16,790 --> 00:00:26,780
which is router 1, on router 1 is an example, I can type debug IP ICMP and back on NPM when I ping that 

5
00:00:26,780 --> 00:00:31,300
IP address, I'm getting Echo replies sent on the router.

6
00:00:32,060 --> 00:00:39,170
So the router is receiving the ICMP messages from the NPM server.

7
00:00:39,860 --> 00:00:43,550
So I'll log in, under nodes, Cisco

8
00:00:44,030 --> 00:00:48,100
I can see that I have three routers currently up.

9
00:00:48,980 --> 00:00:54,530
So as an example, router 1 with IP address 10.1.100.1 is shown as up

10
00:00:55,470 --> 00:01:01,770
and I can see some information about that device. Now, in GNS3 I'm going to start capturing

11
00:01:02,160 --> 00:01:07,950
on the link from NPM to the switch, I'll capture traffic on a switch interface.

12
00:01:09,590 --> 00:01:19,520
What I'd like to point out is notice ICMP messages from NPM, the server has an IP address of 10.1

13
00:01:19,850 --> 00:01:20,950
100.100.

14
00:01:21,740 --> 00:01:25,920
That's what we're seeing as the source in the Wireshark capture.

15
00:01:25,940 --> 00:01:28,220
So Echo Ping request

16
00:01:28,880 --> 00:01:32,530
and then here's a response from the router.

17
00:01:32,930 --> 00:01:38,300
So as an example, I could filter for ICMP messages and what we could see.

18
00:01:38,300 --> 00:01:46,490
Here's an example is ICMP message from NPM to router 2 and router 2 replying

19
00:01:47,130 --> 00:01:48,900
we can also do a search for SNMP.

20
00:01:49,610 --> 00:01:56,450
So in this example, we've got an SNMP message from NPM to router 3 opening that up

21
00:01:56,450 --> 00:01:58,730
We can see it's a data request message.

22
00:01:59,300 --> 00:02:01,900
It's trying to get this OID information.

23
00:02:02,630 --> 00:02:09,910
Here's a response back from the router, more response information sent back, notice OID information.

24
00:02:10,310 --> 00:02:14,180
So in the background, NPM is requesting information from the routers.

25
00:02:14,780 --> 00:02:20,210
In this example, it's querying router 2, and router 2 is responding here

26
00:02:20,210 --> 00:02:23,120
it's querying router 3 and so forth and so on.

27
00:02:23,720 --> 00:02:31,250
That information is then displayed in a nice graphical format on the NPM server.

28
00:02:31,670 --> 00:02:36,860
As an example, if I click on router 1, I can see information about this device.

29
00:02:37,370 --> 00:02:45,410
I can see that it's up, see its IP address, see other information, including SYSOBJECTID last boot

30
00:02:46,010 --> 00:02:54,140
I could even click on the Telnet link and launch a telnet application to Telnet directly to the device.