03-30-2015 08:05 AM
I did search, suprised I couldnt find anything on this...
I found an aruba article stating:
The Engine ID on the controller is automatically generated. To find the Engine ID used by the controller, look at a packet capture of a SNMPv3 trap generated by the controller. For example, on the packet capture below using Ethereal, note that the Authoritative Engine ID is 000039E7000000A10A0A0A0A
Surely, if Im not able to configure SNMPv3 on the controller without the EngineID, how am I going to generate a trap that shows me what it is?
Can I not view this at the CLI or get it some other way?
03-30-2015 02:17 PM
FWIW the way SNMPv3 is supposed to work, You either:
1) Configure the IP/engineid of the controller as a user on the trap receiver (in which case you could indeed configure the controller first, sniff the traps, then configure the trap receiver, but as noted that is unnecessary.) This will be unreliable delivery -- no confirmations or retries, but perhaps some ability to recover dropped messages through followup polls from the trap receiver to the controller, if it supports that feature.
2) Configure the IP/engineid of the inform destination host on the controller (the enigineid is an optional parameter in the "snmp-server host" command) and just set the inform destination host to accept all traffic that knows the community names.
I've had mixed luck getting #2 to actually work, for various reasons. I've also a suspicion that the controller cheats and sends an SNMPv3 trap to the inform host to get its engineID, then tries to switch to using informs, because I could swear at one point informs were working without an engineid for the inform server configured. Then things started breaking and I had to turn a bunch of features off, and have not gotten it back and working since.