[mrtg] help on SNMPv3 configurtion in .cfg

Cihan Subasi (Garanti Teknoloji) CihanS at garanti.com.tr
Wed Apr 13 15:58:16 CEST 2011 

Thank you for the help...I managed to get it run

SnmpOptions[testrtr-s0101]: authkey=>'0x80b746aa503f97bf37e1d93e90438d24',authprotocol=>'md5',privprotocol=>'des',username=>'xxxx',privkey=>'0x5c6d827205aa3b3fd88529b864b4bb72'



________________________________
From: mrtg-bounces+cihans=garanti.com.tr at lists.oetiker.ch [mailto:mrtg-bounces+cihans=garanti.com.tr at lists.oetiker.ch] On Behalf Of Daniel McDonald
Sent: Wednesday, April 13, 2011 3:27 PM
To: mrtg
Subject: Re: [mrtg] help on SNMPv3 configurtion in .cfg

On 4/13/11 6:21 AM, "Cihan Subasi (Garanti Teknoloji)" <CihanS at garanti.com.tr> wrote:

I have not been able to run snmpv3 configured .cfg file, below is mine, can you share with us a sample .cfg or correct our mistakes below? thank you


WorkDir: /export/sun4_share2/testrtr

#Options[_]:bits,growright
Options[_]:bits,growright
#Options[_]:enablesnmpv3,snmp-options=:::::3,contextengineid=800000090300001BD53DB640
EnableSnmpV3: yes
Xsize[_]: 550
Ysize[_]: 250
Ytics[_]: 10
Withpeak[_]: ym
#Suppress[_]: y
Interval: 6

#
Target[testrtr-s0101]: \Serial0/1/0\:1:grnt2011 at 1.1.1.1:::::3
SnmpOptions[testrtr-s0101]: username=>'xxxxxx',authprotocol=>'md5',authkey=>'0x80b746aa503f97bf37e1d93e90438d24',privprotocol=>'3d
es',privkey=>'0x80b746aa503f97bf37e1d93e90438d24daf8f544b59d592dea3aac0de8cbbbb0',contextengineid=>'800000090300001BD5FDB000',privpa
ssword=>'yyyyyyyy'

If you are using authkey and privkey, you don’t need privpassword or contextengineid, as the privkey is the hash of the privpassword and the contextengineid


I’ll also note this from the Net-SNMP 5.2.0 releasenotes:
    The non-core modules Crypt::DES, Digest::MD5, Digest::SHA1, and
    Digest::HMAC are needed to support SNMPv3.

    In order to support the AES Cipher Algorithm as a SNMPv3 privacy
    protocol, the non-core module Crypt::Rijndael is needed.


Here is a working sample, sanitized...
Target[router1.example.com.cpu1]: cpmCPUTotal5secRev.1&cpmCPUTotal1mi
nRev.1:foo at router1.example.com::3:1:1:3
SnmpOptions[router1.example.com.cpu1]: authkey=>'0xf0aba...',authprotocol=>'sha',privprotocol=>'aescfb128',username=>
'foo',privkey=>'0x03b...’


--
Daniel J McDonald, CCIE # 2495, CISSP # 78281


This message and attachments are confidential and intended solely for the individual(s) stated in this message. If you received this message although you are not the addressee, you are responsible to keep the message confidential. The sender has no responsibility for the accuracy or correctness of the information in the message and its attachments. Our company shall have no liability for any changes or late receiving, loss of integrity and confidentiality, viruses and any damages caused in anyway to your computer system.  

Bu mesaj ve ekleri, mesajda gonderildigi belirtilen kisi/kisilere ozeldir ve gizlidir. Bu mesajin muhatabi olmamaniza ragmen tarafiniza ulasmis olmasi halinde mesaj iceriginin gizliligi ve bu gizlilik yukumlulugune uyulmasi zorunlulugu tarafiniz icin de soz konusudur. Mesaj ve eklerinde yer alan bilgilerin dogrulugu ve guncelligi konusunda gonderenin ya da sirketimizin herhangi bir sorumlulugu bulunmamaktadir. Sirketimiz mesajin ve bilgilerinin size degisiklige ugrayarak veya gec ulasmasindan, butunlugunun ve gizliliginin korunamamasindan, virus icermesinden ve bilgisayar sisteminize verebilecegi herhangi bir zarardan sorumlu tutulamaz.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.oetiker.ch/pipermail/mrtg/attachments/20110413/23da003d/attachment-0001.htm 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: logo.gif
Type: image/gif
Size: 1947 bytes
Desc: not available
Url : http://lists.oetiker.ch/pipermail/mrtg/attachments/20110413/23da003d/attachment-0001.gif

More information about the mrtg mailing list