The aescfb128 Privileged Protocol for a Cisco switch

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
wyoder
Posts: 50
Joined: Mon Dec 29, 2014 3:21 pm
Location: Raleigh, NC
Contact:
Contact wyoder

The aescfb128 Privileged Protocol for a Cisco switch

Post by wyoder »

Hello:

I'm using the Network Switch / Router wizard to set up monitoring for a Cisco 2960 switch. The wizard is pretty neat and supports SNMP v3, with authentication, which is what our switch uses.

However, the wizard offers only two "Privileged Procols": DES and AES. Our switch supports the AES protocol, but we are unable to connect with that setting. Instead, running the /usr/bin/cfgmake utility, we see this error message:

"Only des, 3desede, aescfb128, aescffb192 and aescfb256 are defined for --privprotocol"

When we invoke cfgmaker manually with the aescfb128 Privileged Protocol, then the utility works great:

# /usr/bin/cfgmaker --enablesnmpv3 --snmp-options=:::::3 --authprotocol=md5 --privprotocol=aescfb128 ...

So I'd like to know--is there a way in the Network Switch / Router wizard to specify aescfb128 as the Privileged Protocol? Or if not that, is there another way in Nagios XI to set up the switch with these values?

Thank you.
--Bill
Top
rkennedy
Posts: 6579
Joined: Mon Oct 05, 2015 11:45 am

Re: The aescfb128 Privileged Protocol for a Cisco switch

Post by rkennedy »

I have created a feature request for this internally, ID #8582. This would allow an 'other' field to be specified where you could type this in, or alternatively a static option for 'aescfb128'.

As for now, you can change the wizard by modifying the existing wizard manually.

Open /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php and change line 241 from -

Code: Select all

                          <option value="AES" ' . is_selected($snmpopts["v3_priv_proto"], "AES128") . '>AES</option>
to -

Code: Select all

                          <option value="AESCFB128" ' . is_selected($snmpopts["v3_priv_proto"], "AESCFB128") . '>AESCFB128</option>
I tested on my machine and it seems to work by generating this line -

Code: Select all

/usr/bin/cfgmaker --show-op-down --noreversedns --zero-speed '100000000' --enablesnmpv3 --snmp-options=:::::3 --username='test' --authprotocol='md5' --authpassword='1' --privprotocol='aescfb128' --privpassword='2' --contextengineid=0 '5.4.3.2'
Former Nagios Employee
Top
wyoder
Posts: 50
Joined: Mon Dec 29, 2014 3:21 pm
Location: Raleigh, NC
Contact:
Contact wyoder

Re: The aescfb128 Privileged Protocol for a Cisco switch

Post by wyoder »

Dear rkennedy:

You got that one right. With the aescfb128 protocol support in the wizard, I was able to integrate our Cisco Cat 2960S switch into Nagios XI. Thank you. You can close this post. It's now time to learn about MIBs and SNMP traps...

--Bill
Top
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: The aescfb128 Privileged Protocol for a Cisco switch

Post by mcapra »

Closing this up!
Former Nagios employee
https://www.mcapra.com/
Top
Locked

Return to “Nagios XI”