[mrtg] help on SNMPv3 configurtion in .cfg
Daniel McDonald
dan.mcdonald at austinenergy.com
Wed Apr 13 14:27:01 CEST 2011
On 4/13/11 6:21 AM, "Cihan Subasi (Garanti Teknoloji)"
<CihanS at garanti.com.tr> wrote:
> I have not been able to run snmpv3 configured .cfg file, below is mine, can
> you share with us a sample .cfg or correct our mistakes below? thank you
>
>
> WorkDir: /export/sun4_share2/testrtr
>
> #Options[_]:bits,growright
> Options[_]:bits,growright
> #Options[_]:enablesnmpv3,snmp-options=:::::3,contextengineid=800000090300001BD
> 53DB640
> EnableSnmpV3: yes
> Xsize[_]: 550
> Ysize[_]: 250
> Ytics[_]: 10
> Withpeak[_]: ym
> #Suppress[_]: y
> Interval: 6
>
> #
> Target[testrtr-s0101]: \Serial0/1/0\:1:grnt2011 at 1.1.1.1:::::3
> SnmpOptions[testrtr-s0101]:
> username=>'xxxxxx',authprotocol=>'md5',authkey=>'0x80b746aa503f97bf37e1d93e904
> 38d24',privprotocol=>'3d
> es',privkey=>'0x80b746aa503f97bf37e1d93e90438d24daf8f544b59d592dea3aac0de8cbbb
> b0',contextengineid=>'800000090300001BD5FDB000',privpa
> ssword=>'yyyyyyyy'
>
If you are using authkey and privkey, you don¹t need privpassword or
contextengineid, as the privkey is the hash of the privpassword and the
contextengineid
I¹ll also note this from the Net-SNMP 5.2.0 releasenotes:
The non-core modules Crypt::DES, Digest::MD5, Digest::SHA1, and
Digest::HMAC are needed to support SNMPv3.
In order to support the AES Cipher Algorithm as a SNMPv3 privacy
protocol, the non-core module Crypt::Rijndael is needed.
Here is a working sample, sanitized...
Target[router1.example.com.cpu1]: cpmCPUTotal5secRev.1&cpmCPUTotal1mi
nRev.1:foo at router1.example.com::3:1:1:3
SnmpOptions[router1.example.com.cpu1]:
authkey=>'0xf0aba...',authprotocol=>'sha',privprotocol=>'aescfb128',username
=>
'foo',privkey=>'0x03b...¹
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.oetiker.ch/pipermail/mrtg/attachments/20110413/6394db7a/attachment.htm
More information about the mrtg
mailing list