SNMPv3 Inform
An SNMPv3 inform is a notification that the sender will resend up to 3 times or until the notification is acknowledged by the receiver.
Test Configuration
Configuration in SNMP Client
First create the user in /var/net-snmp/snmptrapd.conf file:
disableAuthorization yes
engineID 0x01234 # expands to engine id: 80001f880430783031323334
createUser user1
authuser log user1
createUser user2 SHA/MD5 auth-secret
# SHA or MD5 depends on your Authorization Protocol
authuser log user2
createUser user3 SHA/MD5 auth-secret AES priv-secret
# SHA or MD5 depends on your Authorization Protocol
authuser log user3
Then start snmptrapd as follows with the defined configuration file. It runs in the foreground, uses only that config file and logs to stderr:
snmptrapd -f -Le -C -c /var/net-snmp/snmptrapd.conf udp:2424
# 2424 is the port you are listening
Configuration in vSphere
The following esxcli commands should be executed to configure SNMP v3 for sending informs:
1. To set the basic configuration of SNMP Agent
Enabling the agent to find out the SNMP Agent EngineID
~ # esxcli system snmp set –r -e 1 -l debug
# -e 1/yes/true option will enable SNMP service.
#–e 0/no/false option will disable SNMP Service
2. To retrieve the SNMP Agent configuration
~ # esxcli system snmp get
Authentication:
Communities:
Enable: true
Engineid: 00000063000000a100000000 # Default EngineID
Hwsrc: indications
Loglevel: debug
Notraps:
Port: 161
Privacy:
Remoteusers:
Syscontact:
Syslocation:
Targets:
Users:
V3targets:
3. Assign a Remote Engine ID
Temporarily assign Remote EngineID to create the hash values
~ #esxcli system snmp set -E 80001f880430783031323334
4. Set authentication and privacy protocols
Set the Authentication Protocol as SHA1 or MD5 and Privacy Protocol as AES128
~ # esxcli system snmp set -a MD5 -x AES128
5. Generate hash values using authentication secret key and privacy secret key
# esxcli system snmp hash -A auth-secret -X priv-secret -r
Authhash: <Auth Hash>
Privhash: <Priv Hash>
For Example:
# esxcli system snmp hash -A auth-secret -X priv-secret -r
Authhash: d5aeb357b6731faeaa26960822c7131d
Privhash: e7fcca618c0930a987eb067edd92d3d3
6. Set the engine ID back to original
Setting EngineID back to the initial value defined by VSphere
~ # esxcli system snmp set -E 00000063000000a100000000
7. Configure the remote user
Configuring the Remote user for NoAuthNoPriv, authNoPriv, authPriv using –R option
# esxcli system snmp set -R
user1/none/-/none/-/80001f880430783031323334, # For noAuthnoPriv
user2/MD5/<Auth Hash>/none/-/80001f880430783031323334,
# For authNoPriv
user3/MD5/<Auth Hash>/AES128/
<Priv Hash>/80001f880430783031323334
# For authPriv
For Example:
# esxcli system snmp set -R
user1/none/-/none/-/80001f880430783031323334, # For noAuthnoPriv
user2/MD5/d5aeb357b6731faeaa26960822c7131d/none/-/80001f880430783031323334,
# For authNoPriv
user3/MD5/d5aeb357b6731faeaa26960822c7131d/AES128/
e7fcca618c0930a987eb067edd92d3d3/80001f880430783031323334
# For authPriv
8. Set inform targets
Creating V3 inform targets
~ # esxcli system snmp set -i
192.168.0.200@2222/user1/none/infom, # For noAuthnoPriv
192.168.0.200@2323/user2/auth/inform, # For authNoPriv
192.168.0.200@2424/user3/priv/inform# For authPriv