API Guide

ManualsBrandsDell ManualsAccess PlatformsEMC Networking MX9116n

161

162

163

164

165

166

167

168

169

170

While configuring SNMP users, instead of using plain text passwords, you can use localized keys that are encrypted using

authentication and encryption algorithms. To generate the localized keys, use the Snmpkey utility in Linux. Ensure that you have

the following packages installed in the Linux server to generate the localized keys:

● libnet-snmp-perl

● libcrypt-des-perl

● libdigest-hmac-perl

● libcrypt-rijndael-perl

Use the following command to generate the localized keys that you can use when configuring a user:

snmpkey {md5 | sha} authpassword engineID [des | 3des | aes] privpassword

where authpassword is the password that you specify for the authentication protocol, engineID is the local engineID, and

privpassword is the password that you specify for the privacy protocol.

Use the show snmp engineID local command to view the local engineID.

OS10# show snmp engineID local

Local default SNMP engineID: 0x800002a2036c2b59fbd8a0

Enter the following command on the Linux server where you have the Snmpkey utility installed:

snmpkey md5 testauthpasswd 0x800002a2036c2b59fbd8a0 des testprivpasswd

authKey: 0xaa5bb0eb6e6a9f036dc548e4ad9405f8

privKey: 0xaa5bb0eb6e6a9f036dc548e4ad9405f8

The system generates the authentication and privacy keys.

Use the localized keys while configuring the SNMP user.

OS10(config)# snmp-server user user3 Group3 3 localized auth md5

0xaa5bb0eb6e6a9f036dc548e4ad9405f8 priv des 0xaa5bb0eb6e6a9f036dc548e4ad9405f8

Configure SNMP traps

The SNMP agent sends notification of events to the management station using unsolicited SNMP messages called SNMP traps.

SNMP traps optimize the use of network resources.

SNMP version 1 and version 2C traps can coexist with version 3 traps. SNMP versions 1 and 2C use the trap category for

access control. SNMP version 3 traps are associated to SNMP users with a given authentication level.

Configure SNMP traps on the OS10 switch for it to send notifications to the management station.

snmp-server host {ipv4–address | ipv6–address} {informs version version-number | traps

version version-number | version version-number} [snmpv3-security-level] [community-name]

[udp-port port-number] [dom | entity | envmon | lldp | snmp]

Configure SNMP v1 or v2C traps

OS10(config)# snmp-server host 10.11.73.110 traps version 2c comm2c lldp snmp

Configure SNMP v3 traps

OS10(config)# snmp-server group Group3 3 priv notify NOTIFY

OS10(config)# snmp-server user User3 Group3 3 auth md5 testpasswd priv aes testprivpasswd

OS10(config)# snmp-server host 10.11.56.46 version 3 priv User3

Configure SNMP informs

The SNMP agent sends notification of events to and receives an acknowledgment from the network management station

(NMS), also called as the remote SNMP server. Such notifications that receive an SNMP response from the NMS are called

informs. Informs are more reliable than traps. If an SNMP agent does not receive an acknowledgment, it resends the inform, up

to a maximum of three retries.

164

System management