Submit a ticketCall us

Announcing NCM 7.7
With NCM 7.7, you can examine the rules that make up an access control list for a Cisco ASA device. Then you can apply filters to display only rules that meet the specified criteria, order the rules by line number or by the hit count, and much more.
See new features and improvements.

Home > Success Center > Server & Application Monitor (SAM) > Configure SNMPV3 on Linux for SAM polling

Configure SNMPV3 on Linux for SAM polling

Table of contents
Created by Albert Lopez, last modified by MindTouch on Jun 23, 2016

Views: 501 Votes: 0 Revisions: 5

Overview

This article provides steps when configuring SNMPV3 for RHEL, OpenSUSE Linux systems, for SNMP polling methods used with Server and Application Montior.

Environment

  • All Versions of Sam
  • RHEL 6.2 - 7   
  • OpenSUSE 11.3

Steps

1. Depending if SNMPD or Net-SNMP is in use, the usual configuration file is at:

 /etc/snmp/snmpd.conf

   Within this file, verify these configurations (lines shown are commented out using #).

#  Listen for connections from the local system only
#agentAddress  udp:127.0.0.1:161
#  Listen for connections on all interfaces (both IPv4 *and* IPv6)
#agentAddress udp:161,udp6:[::1]:161 192.168.0.0 /24

#rwuser        authPrivUser    priv

 

2. The SNMP3 configuration is done along three lines from the CLI. The Syntax is as followed:

service snmpd stop
net-snmp-create-v3-user -ro -A <snmpv3authPass> -a {MD5|SHA1} -X <snmpv3encPass> -x {DES|AES} <snmpv3user>
service snmpd start

 

3. Stop and start the service:

net-snmp-create-v3-user = shell script used to create a new user...

-ro = create a user with read only permissions

-A = authentication password

<snmpv3authPass> (cannot use special characters such as @ $, as they can be seen as environmental variables)

-a MD5 /SH1 = authentication type

-X = encryptions password

<snmpv3encPass> (cannot use special characters such as @ $, as they can be seen as environmental variables)

-x DES /AES = encryption type

snmpv3user = the actual user name

 

4. Test the configuration using SNMPWALK:

snmpwalk -u snmpv3user -A snmpv3authPass -a MD5 -X snmpv3encPass -x DES -l authPriv 127.0.0.1 -v3

 

5. Depending on the security of the system, you may have to open the port in IPTables:

vi /etc/sysconfig/iptables:
    A INPUT -p tcp -m tcp --dport 161 -j ACCEPT
    A INPUT -p udp -m udp --dport 162 -j ACCEPT

iptables -A INPUT -p udp -s 192.168.146.129 --dport 161 -j ACCEPT


6. restart IPtables:
    /etc/init.d/iptables restart

 

Last modified
02:48, 23 Jun 2016

Tags

Classifications

Public