Requirement:
This article discusses how to configure an ArubaOS-Switch to use SNMP version three for switch management.
Solution:In the follow configuration, switch Rack3sw1 is configured to use SNMP version 3.
- The user name “admin” is created to use SHA as the authentication protocol and DES as the privacy protocol.
- The ManagerPriv group is created and the user “admin” is added to the group.
- The user “initial” which is created by the enable snmpv3 dialogue is deleted.
Configuration:Rack2sw1(config)# snmpv3 enable
Creating user 'initial'
Authentication Protocol: MD5
Enter authentication password: ********
Privacy protocol is DES
Enter privacy password: ********
User 'initial' has been created
Would you like to create a user that uses SHA? [y/n] n
User creation is done. SNMPv3 is now functional.
Would you like to restrict SNMPv1 and SNMPv2c messages to have read only access (you can set this later by the command 'snmpv3 restricted-access')? [y/n]y
Rack2sw1(config)# snmpv3 user "admin" auth sha sha-password priv des des-password
Rack2sw1(config)# snmpv3 group managerpriv user admin sec-model ver3
Rack2sw1(config)# no snmpv3 user initial
VerificationRack2sw1(config)# show snmpv3 user admin
Status and Counters - SNMP v3 Global Configuration Information
User Name : admin
Auth. Protocol : SHA
Privacy Protocol : CBC DES
Rack2sw1(config)# show snmpv3 group ManagerPriv user admin sec-model ver3
Status and Counters - SNMP v3 Global Configuration Information
Security Name : admin
Security Model : ver3
Group Name : ManagerPriv
C:\snmpwalk -sn:admin -v:3 -r:10.254.1.1 -ap:sha -aw:sha-password -pp:des -pw:des-password -os:1.3.6.1.2.1.1.1 -op:1.3.6.1.2.1.1.6
SnmpWalk v1.01 - Copyright (C) 2009 SnmpSoft Company
[ More useful network tools on http://www.snmpsoft.com ]
OID=.1.3.6.1.2.1.1.1.0, Type=OctetString, Value=HP J9727A 2920-24G-PoE+ Switch,revision WB.16.04.0008, ROM WB.16.03 (/ws/swbuildm/rel_ukiah_qaoff/code/build/anm(swbuildm_rel_ukiah_qaoff_rel_ukiah)) (Formerly ProCurve)
OID=.1.3.6.1.2.1.1.2.0, Type=OID, Value=1.3.6.1.4.1.11.2.3.7.11.153
OID=.1.3.6.1.2.1.1.3.0, Type=TimeTicks, Value=2 days, 1:43:40.87
OID=.1.3.6.1.2.1.1.4.0, Type=OctetString, Value=
OID=.1.3.6.1.2.1.1.5.0, Type=OctetString, Value=Rack2sw1
Total: 5