This section provides additional information for configuring SNMPv3 inform or trap notifications. The steps in Configuring an EngineID add to the following configuration example:
System(su)->set snmp view viewname All subtree 1 System(su)->set snmp user v3user authentication md5 md5passwd privacy despasswd System(su)->set snmp group v3group user v3user security-model usm System(su)->set snmp access v3group security-model usm privacy exact read All write All notify All System(su)->set snmp notify v3notify tag v3tag inform System(su)->set snmp targetaddr v3TA 134.141.209.73 param v3TP taglist v3tag System(su)->set snmp targetparams v3TP user v3user security-model usm message-processing v3 privacy
In the Extreme Networks SNMP implementation, the receiver's EngineID value is used by both the sender and receiver to propagate inform notifications. In order to send and receive SNMP v3 informs in their most secure form (with authentication and privacy enabled), you must configure a user ID and corresponding receiver EngineID on the sender as shown in the example in Configuring an EngineID. This example assumes that NetSight Console is the receiver, and an S- K- and 7100-Series switch is the sender.
Note
The following file location and EngineID are provided as examples. Your settings will vary.Configuring an EngineID adds to the configuration example shown in Configuring an SNMPv3 Inform or Trap Engine ID.
Step | Task | Command(s) |
---|---|---|
1 | If necessary, create an SNMP3 configuration. | Configuring an SNMPv3 Inform or Trap Engine ID. |
2 | On the management station, navigate to and display the Netsight Console SNMP trap configuration file. | C:\Program Files\Extreme Networks\NetSight Shared\snmptrapd.conf |
3 | Determine the EngineID from this line in the configuration file. | oldEngineID 0x800007e5804f190000d232aa40 |
4 | On the Matrix N, define the same user as in the above example (v3user) with this EngineID and with the same Auth/Priv passwords you used previously. | set snmp user v3user remote 800007e5804f190000d232aa40 authentication md5 md5passwd privacy despasswd Note:
You can omit the 0x from the EngineID. You can also use the colon notation like this: 80:00:07:e5:80:4f:19:00:00:d2:32:aa:40 |
5 | Navigate to and display the user configuration on the management station. (This assumes that you have already created the user in Netsight Console, so you will only need to add it to the configuration file of the trap daemon.) | C:\Program Files\Extreme Networks\NetSight Console\Bin\snmptrapd.conf |
6 | Using any plain text editor, add this line to the configuration file. | createuser v3user MD5 md5passwd DES despasswd |
To use traps instead of inform notifications, you would change the preceding configuration as follows:
set snmp notify v3notify tag v3tag trap
createuser -e 0x800015f80300e06314d79c v3user MD5 md5passwd DES despasswd
When you are finished modifying the configuration, save the file and restart the SNMP Trap Service using Netsight Services Manager.
Note
When installed on a Unix platform, the NetSight server must be manually restarted.