search cancel

How to configure firewall to allow SNMP communication with BMC PATROL devices


Article ID: 202701


Updated On:


CA Spectrum CA eHealth


As documented at BMC PATROL devices use SNMP port 8161. Port 161 is an industry standard, while port 8161 is a BMC PATROL standard. By running on port 8161, you can avoid possible conflicts with operating system vendors who are already using port 161 for an SNMP agent. 

In  linux firewall environment you may get "MANAGMENT AGENT LOST" alarms on these devices because Spectrum cannot poll them. 

How to configure the firewall to allow Spectrum SNMP communication with these devices?


Release : 20.2

Component : Spectrum Core / SpectroSERVER


The simple workaround solution for PATROL SNMP system architecture, which uses ports patrol(8160) and patrol-snmp(8161) on linux firewalld server is:

firewall-cmd --permanent --new-service=custom-snmp

firewall-cmd --permanent --service=custom-snmp --set-description="Workaround for PATROL SNMP system architecture"

firewall-cmd --permanent --service=custom-snmp --set-short="patrol-snmp"

firewall-cmd --permanent --service=custom-snmp --add-source-port=8160-8161/udp

firewall-cmd --permanent --service=custom-snmp --add-source-port=8160-8161/tcp

firewall-cmd --permanent --add-service=custom-snmp

firewall-cmd --reload