I am trying to setup NagiosXI to be able to query devices using SNMPv3 instead of SNMPv1/2c. Is there anything you have to do on the NagiosXI server to get this to work? Do I need to setup a user? I have entered a username, authentication password and privacy password on the device (APC environmental monitor) and attempted to do a walk but it just states that no results were returned. When I attempt to do a walk using SNMPv1 it works as normal.
Any help is appreciated!
Setup SNMPv3
Re: Setup SNMPv3
Just to update, I have been able to get SNMPv3 to work if I set the authentication and privacy protocol to none (noauthnopriv) yet when I try to add a authentication passphrase if fails.
-
sreinhardt
- -fno-stack-protector
- Posts: 4366
- Joined: Mon Nov 19, 2012 12:10 pm
Re: Setup SNMPv3
Are you getting any specific errors, could you post the output from a working and not working command please?
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
Re: Setup SNMPv3
I just want to follow up regarding setting up SNMP v3 in NagiosXI (2012R2.9). I believe this is what I had to to do in order to set this up:
- Open the following file in your favorite text editor: /var/lib/net-snmp/snmpd.conf
Such as: nano /var/lib/net-snmp/snmpd.conf
- Add the following line to the end of the file:
createUser <UserName> <AuthenticationProtocol> <AuthenticationPassword> <PriviledgedProtocol> <PrivacyPassword>
createUser guest_user MD5 "Pass0001" DES "sharedkey001"
- Restart the snmpd service
service snmpd restart
After restarting the service, when you open the /var/lib/net-snmp/snmpd.conf file, you will notice that the line that was added will be removed. At this point I believe you will need to use the snmpusm command (use Google for more info) to edit the user settings.
- Open /etc/snmp/snmpd.conf
nano /etc/snmp/snmpd.conf
- Add the following line to the end of the file:
authuser read -s usm <UserName> priv .1
authuser read -s usm guest_user priv .1
- Try to run snmpget to see if valid output is returned:
snmpget -v 3 -u <UserName> -l <SecurityLevel> -a <AuthenticationProtocol> -A <AuthenticationPassword> -x <PrivacyProtocol> -X <PrivacyPassword> <IPAddressOfSystemToMontior> <ValueToRetrieve>
snmpget -v 3 -u guest_user -l AuthPriv -a MD5 -A Pass0001 -x DES -X sharedkey001 192.168.56.31 sysName.0
The above worked for me, following the instructions: http://honglus.blogspot.com/2011/03/set ... ption.html. I am not sure whether there is other ways to complete this, as I am still learning. If someone else has an additional way, or better way, please let me know. Also I had issues with having non-alphanumeric characters in the passwords (!, @, $, etc.) and the length appears to have to be over a certain length (15?).
Be sure to backup your config files before attempting this! I still need to see this will work form SNMP Traps
Hope this helps someone else who is not a Linux expert! It would be nice if the Nagios Team would write up a tutorial on this as it requires additional work beyond the NagiosXI web interface to make operational
- Open the following file in your favorite text editor: /var/lib/net-snmp/snmpd.conf
Such as: nano /var/lib/net-snmp/snmpd.conf
- Add the following line to the end of the file:
createUser <UserName> <AuthenticationProtocol> <AuthenticationPassword> <PriviledgedProtocol> <PrivacyPassword>
createUser guest_user MD5 "Pass0001" DES "sharedkey001"
- Restart the snmpd service
service snmpd restart
After restarting the service, when you open the /var/lib/net-snmp/snmpd.conf file, you will notice that the line that was added will be removed. At this point I believe you will need to use the snmpusm command (use Google for more info) to edit the user settings.
- Open /etc/snmp/snmpd.conf
nano /etc/snmp/snmpd.conf
- Add the following line to the end of the file:
authuser read -s usm <UserName> priv .1
authuser read -s usm guest_user priv .1
- Try to run snmpget to see if valid output is returned:
snmpget -v 3 -u <UserName> -l <SecurityLevel> -a <AuthenticationProtocol> -A <AuthenticationPassword> -x <PrivacyProtocol> -X <PrivacyPassword> <IPAddressOfSystemToMontior> <ValueToRetrieve>
snmpget -v 3 -u guest_user -l AuthPriv -a MD5 -A Pass0001 -x DES -X sharedkey001 192.168.56.31 sysName.0
The above worked for me, following the instructions: http://honglus.blogspot.com/2011/03/set ... ption.html. I am not sure whether there is other ways to complete this, as I am still learning. If someone else has an additional way, or better way, please let me know. Also I had issues with having non-alphanumeric characters in the passwords (!, @, $, etc.) and the length appears to have to be over a certain length (15?).
Be sure to backup your config files before attempting this! I still need to see this will work form SNMP Traps
Hope this helps someone else who is not a Linux expert! It would be nice if the Nagios Team would write up a tutorial on this as it requires additional work beyond the NagiosXI web interface to make operational
-
sreinhardt
- -fno-stack-protector
- Posts: 4366
- Joined: Mon Nov 19, 2012 12:10 pm
Re: Setup SNMPv3
Good job, that looks pretty correct to me! We might get into snmpv3 documentation soon, but for now its still a surprisingly small amount of the snmp support requests we get. It is growing though!
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.