This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

How to configure SNMPv3

I have followed instructions found online how to configure SNMPv3 to work with SolarWinds but I seem to get a connection failure when I do. This is my routers config:

 

Router1(config)# snmp-server group [groupname] v3 auth read

  Router1(config)# snmp-server user [username] [groupname] v3 auth md5 [password] priv aes 256 [password]

Here is my SolarWinds screen shot

pastedImage_0.png

  • Have you tried defining a view and assigning that to the group?

    ie:

    snmp-server view OrionView iso included

    snmp-server view OrionView mib-2 included

    snmp-server view OrionView internet included

    snmp-server view OrionView system included

    snmp-server view OrionView interfaces included

    snmp-server view OrionView chassis included

    snmp-server group [groupname] v3 priv read OrionView

    I haven't done it with the "auth read", only "priv read"

  • Not sure what type router you are using, but I have a Cisco ASR configured like this, and it works fine.

    snmp-server group [groupname] v3 auth

    snmp-server host [ipaddress] version 3 auth [username]

    The snmp-server user line I had to use with my ASA, but not in the router.

    Hope this helps, good luck.

  • It appears you may have missed defining the snmp-v3 source:

    snmp-server host [ipaddress] version 3 auth [username]

    I suspect once you have added that you will have corrected the problem.

    Once you have successfully implemented snmp-v3, reconsider a few of your options:

    • You could replace MD5 with SHA, if maximizing security is your goal.
    • Depending on the authority you reference, AES 256 may (or may not) have certain built-in vulnerabilities from government agencies.  If you believe in conspiracy theories.  I had a former White House Security Advisor as an instructor for an ASA class; he hinted strongly that shorter versions of encryption (DES or 3-DES or AES 128) might actually be MORE secure than AES 256 due to a built-in vulnerability created by government to allow them to more easily read organized crime transmissions.  We asked him to expand on this idea and he responded as you'd expect:  "I could tell you but then I'd have to . . . "
  • See this post below.

    SNMP Test Failed While Adding Nodes

    Try running SNMPWALK below using SNMPV3

    Running SNMPWalk

    ////// RealTime Bandwidth Monitor Tool  //////

    You can also try  the FREE  "SolarWinds" RealTime Bandwidth Monitor Tool"

    http://www.solarwinds.com/products/freetools/real-time-bandwidth-monitor.aspx

    (Use the same Technic adding working / non working device with SNMP V3 and confirm you are able to see the interfaces for the node )

  • The one issue I had was the need to have the Engine ID associated with the user. Once the user was created I entered the show snmp user command needed to retrieve the EngineID

    sh snmp user [USERNAME] \r

    Once I received the Engine ID I needed to add the snmp-server command

    snmp-server engineID remote [SOLARWINDS SERVER IP] udp-port 514 [EngineID]

    One I added this and all the other snmp-server commands relevant to what I needed (traps, views, etc) my issue was resolved

  • Hi mate, Having similar issue. Where did you get the remote engine ID to use? Should that come from the Solarwinds SNMP server? Tried logging in to our Solarwinds / Orion server but can't seem to find it. Thanks in Advance for the help!

  • Question: Where can I locate my Engine Information [In particular the EngineID]

    Answer: The Engine ID is located in the Engines table.

    This can be accessed from the Database Manager. The following query can be executed and this will display all the engines present on the system as well as there information.

    "Select TOP 1000 * FROM [dbo].[Engines]"

    Capture1.PNG