Quantcast
Channel: VMware Communities : Blog List - All Communities
Viewing all articles
Browse latest Browse all 3135

SNMP Inform test And Debugging using v3(noAuthnoPriv, authNoPriv, and authPriv) protocol in vSphere - Part 1

$
0
0

SNMPv3 Inform

An  SNMPv3 inform is a notification that the sender will resend up to 3 times or until the notification is acknowledged by the receiver.

 

Test Configuration


Configuration in SNMP Client

First create the user in /var/net-snmp/snmptrapd.conf file:

     disableAuthorization yes

     engineID 0x01234  # expands to engine id: 80001f880430783031323334


     createUser user1

     authuser log user1


    createUser user2 SHA/MD5 auth-secret 

          # SHA or MD5 depends on your Authorization Protocol

     authuser log user2


     createUser user3 SHA/MD5 auth-secret AES priv-secret

          # SHA or MD5 depends on your Authorization Protocol

     authuser log user3


Then start snmptrapd as follows with the defined configuration file. It runs in the foreground, uses only that config file and logs to stderr:

      snmptrapd -f -Le -C -c /var/net-snmp/snmptrapd.conf udp:2424

# 2424 is the port you are listening

 

Configuration in vSphere

The following esxcli commands should be executed to configure SNMP v3 for sending informs:

 

1. To set the basic configuration of SNMP Agent

Enabling the agent to find out the SNMP Agent EngineID

~ # esxcli system snmp set –r -e 1 -l debug

# -e 1/yes/true option will enable SNMP service.

#–e 0/no/false option will disable SNMP Service

 

2. To retrieve the SNMP Agent configuration

~ # esxcli system snmp get

  Authentication:

   Communities:

   Enable: true

   Engineid: 00000063000000a100000000 # Default EngineID

   Hwsrc: indications

   Loglevel: debug

   Notraps:

   Port: 161

   Privacy:

   Remoteusers:

   Syscontact:

   Syslocation:

   Targets:

   Users:

   V3targets:

3. Assign a Remote Engine ID

Temporarily assign Remote EngineID to create the hash values

~ #esxcli system snmp set -E 80001f880430783031323334

 

4. Set authentication and privacy protocols

Set the Authentication Protocol as SHA1 or MD5 and Privacy Protocol as AES128

~ # esxcli system snmp set -a MD5 -x AES128  

5. Generate hash values using authentication secret key and privacy secret key

          # esxcli system snmp hash -A auth-secret -X priv-secret -r

Authhash: <Auth Hash>

Privhash: <Priv Hash>

For Example:

# esxcli system snmp hash -A auth-secret -X priv-secret -r

Authhash: d5aeb357b6731faeaa26960822c7131d

Privhash: e7fcca618c0930a987eb067edd92d3d3

6. Set the engine ID back to original

           Setting EngineID back to the initial value defined by VSphere

~ # esxcli system snmp set -E 00000063000000a100000000

 

7. Configure the remote user

           Configuring the Remote user for NoAuthNoPriv, authNoPriv, authPriv using –R option

# esxcli system snmp set -R

user1/none/-/none/-/80001f880430783031323334,    # For noAuthnoPriv

user2/MD5/<Auth Hash>/none/-/80001f880430783031323334,

# For authNoPriv

user3/MD5/<Auth Hash>/AES128/

<Priv Hash>/80001f880430783031323334

# For authPriv

 

For Example:

# esxcli system snmp set -R

user1/none/-/none/-/80001f880430783031323334,    # For noAuthnoPriv

user2/MD5/d5aeb357b6731faeaa26960822c7131d/none/-/80001f880430783031323334,

# For authNoPriv

user3/MD5/d5aeb357b6731faeaa26960822c7131d/AES128/

e7fcca618c0930a987eb067edd92d3d3/80001f880430783031323334

# For authPriv


8. Set inform targets

Creating V3 inform targets

~ # esxcli system snmp set -i

                              192.168.0.200@2222/user1/none/infom, # For noAuthnoPriv

                              192.168.0.200@2323/user2/auth/inform, # For authNoPriv

                              192.168.0.200@2424/user3/priv/inform# For authPriv


Viewing all articles
Browse latest Browse all 3135

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>