• State Not Answered
  • Replies 0 replies
  • Subscribers 20 subscribers
  • Views 84 views
  • Users 0 members are here
Options
Related

Configuring snmp v3 on Juniper EX3200-48T switches

nick77
over 10 years ago

Hello, I am trying to configure some Juniper EX3200-48T switches (and also some EX4500-40F switches) so that I can monitor them using snmp v3, and I am having some trouble.

I have to admit this is the first time I have tried to configure snmp v3 so I could well be making a simple mistake, but any help would be greatly appreciated! :-)

 

I have a config like this on the switch ( sensitive information replaced by UPPCASE markers)

 

> show configuration snmp
location LOCATION;
contact ADMIN@DOMAIN;
v3 {
    usm {
        local-engine {
            user USER {
                authentication-sha {
                    authentication-key ## SECRET-DATA
                }
                privacy-aes128 {
                    privacy-key ## SECRET-DATA
                }
            }
        }
    }
    vacm {
        security-to-group {
            security-model usm {
                security-name USER {
                    group GROUP;
                }
            }
        }
        access {
            group GROUP {
                default-context-prefix {
                    security-model usm {
                        security-level privacy {
                            read-view internet;
                        }
                    }
                }
            }
        }
    }
}
view internet {
    oid 1.3.6.1 include;
}
view system {
    oid 1.3.6.1.2.1.1 include;
}
view interfaces {
    oid 1.3.6.1.2.1.2 include;
}
view chassis {
    oid 1.3.1.6.1.2628.2.2 include;
}

 

I am trying to add it using Admin -> Manage Nodes -> Add Node via the Orion web GUI, but the Validate SNMP check is failing. The switches are showing error "snmpd[854]: LIBJSNMP_NS_LOG_WARNING: WARNING: Authentication failed for USER" when I try this.

I think my problem is that I am not putting the right information for the node, especially the "Context" entry. And also do I need to fill in both the "SNMPv3 Credentials" and "Read / Write SNMPv3 Credentials" sections?

Here what I am using:
SNMP Version:    v3
SNMP Port:    161         
SNMPv3 Credentials      
SNMPv3 Username:    USER    
SNMPv3 Context:    GROUP (I have also tried "USER" and "default-context-prefix")
SNMPv3 Authentication      
Method:    SHA1
Password:    <password from authentication-key config>
SNMPv3 Privacy / Encryption      
Method:    AES128
Password:    <password from privacy-key config>
   

Read / Write SNMPv3 Credentials      
SNMPv3 Username:    USER
SNMPv3 Context:    GROUP (I have also tried "USER" and "default-context-prefix")    
SNMPv3 Authentication      
Method:     SHA1  
Password:    <password from authentication-key config>
SNMPv3 Privacy / Encryption      
Method:    AES128
Password:    <password from privacy-key config>

I have the feeling that I need to either put something different in the "Context" field(s) in Orion, or maybe I need an extra line of config to allow snmp queries from the Orion server?

Any ideas would be greatly appreciated!

 

Thanks in advance.

 

nick

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification SolarWinds Lab Link Accounts
About THWACK Blogs Federal & Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
© 2021 SolarWinds Worldwide, LLC. All Rights Reserved.