Wired Intelligent Edge

Good afternoon.
I'm struggling to enroll our Aruba 6000 switches into librenms. So far I have:
- created an snmpv3 user with auth/priv
- created a context, assigned the user to the context, and assigned the context to VRF default (no mgmt on 6000) - not sure what a context does to be honest
- disabled older snmp standards (snmpv3 only)

Unfortunately I get no handshake when I try to add the switch to librenms. It says 'no reply' with the provided credentials. I tried multiple times to make sure there isn't a typo anywhere, so I think I'm missing something. Any pointers? 

(PS: I've enrolled dozens of 2530s and 2930s into librenms. Somehow nothing seems that simple with AOS-CX)

Hello Ronald,

mostly the same picture here:

- LibreNMS last version
- all 2530, 2540, 2930M, 2930F work perfectly with SNMPv3 authpriv
- completely disabled SNMP v1 and v2
- going to deploy some Aruba 6000

that is why I am very interested in this topic.

If the context you talk about on the 6000 ends up to be a SNMPv3 context, then I suppose the problem may be that LibreNMS does not support per-device SNMPv3 context, for example see:

Toshiba e-studio printers uses "MFP" as a context in SNMPv3 · Issue #13465 · librenms/librenms

I hit this limitation on a HP laserjet printer, which have a hard-coded SNMPv3 context string "Jetdirect"; on the other hand, when I queried the device via command line with snmpwalk adding the context string along with the authpriv parameters, it would reply as expected.

Hope this helps.

Regards
GG
Original Message:
Sent: Jul 08, 2022 02:54 PM
From: Ronald Ratzlaff
Subject: SNMPv3 on Aruba 6000 / librenms

Good afternoon.
I'm struggling to enroll our Aruba 6000 switches into librenms. So far I have:
- created an snmpv3 user with auth/priv
- created a context, assigned the user to the context, and assigned the context to VRF default (no mgmt on 6000) - not sure what a context does to be honest
- disabled older snmp standards (snmpv3 only)

Unfortunately I get no handshake when I try to add the switch to librenms. It says 'no reply' with the provided credentials. I tried multiple times to make sure there isn't a typo anywhere, so I think I'm missing something. Any pointers? 

(PS: I've enrolled dozens of 2530s and 2930s into librenms. Somehow nothing seems that simple with AOS-CX)

Hm, I'm not sure this is the same scenario. The context on the 6000 seems to be an option (I think). I tried without at first and got no response, so I assumed maybe a context needed to be defined - but no luck. I haven't tried snmpwalk yet. I may get to that next week. I'm hoping for a more 'standard' solution though. Hope dies last.
Original Message:
Sent: Jul 08, 2022 04:03 PM
From: il Gino
Subject: SNMPv3 on Aruba 6000 / librenms

Hello Ronald,

mostly the same picture here:

- LibreNMS last version
- all 2530, 2540, 2930M, 2930F work perfectly with SNMPv3 authpriv
- completely disabled SNMP v1 and v2
- going to deploy some Aruba 6000

that is why I am very interested in this topic.

If the context you talk about on the 6000 ends up to be a SNMPv3 context, then I suppose the problem may be that LibreNMS does not support per-device SNMPv3 context, for example see:

Toshiba e-studio printers uses "MFP" as a context in SNMPv3 · Issue #13465 · librenms/librenms

I hit this limitation on a HP laserjet printer, which have a hard-coded SNMPv3 context string "Jetdirect"; on the other hand, when I queried the device via command line with snmpwalk adding the context string along with the authpriv parameters, it would reply as expected.

Hope this helps.

Regards
GG
Original Message:
Sent: Jul 08, 2022 02:54 PM
From: Ronald Ratzlaff
Subject: SNMPv3 on Aruba 6000 / librenms

Good afternoon.
I'm struggling to enroll our Aruba 6000 switches into librenms. So far I have:
- created an snmpv3 user with auth/priv
- created a context, assigned the user to the context, and assigned the context to VRF default (no mgmt on 6000) - not sure what a context does to be honest
- disabled older snmp standards (snmpv3 only)

Unfortunately I get no handshake when I try to add the switch to librenms. It says 'no reply' with the provided credentials. I tried multiple times to make sure there isn't a typo anywhere, so I think I'm missing something. Any pointers? 

(PS: I've enrolled dozens of 2530s and 2930s into librenms. Somehow nothing seems that simple with AOS-CX)

Hi Ronald,

my librenms installation is working fine with AOS-CX switch. I didn´t have to make any changes to librenms, so I´m posting the snmp config of my switches - maybe that is helpful for you:

snmp-server vrf default
snmp-server system-location "xxx"
snmp-server snmpv3-only
snmpv3 user prtg auth sha auth-pass ciphertext xxx priv aes priv-pass ciphertext xxx 

Original Message:
Sent: Jul 08, 2022 02:54 PM
From: Ronald Ratzlaff
Subject: SNMPv3 on Aruba 6000 / librenms

Good afternoon.
I'm struggling to enroll our Aruba 6000 switches into librenms. So far I have:
- created an snmpv3 user with auth/priv
- created a context, assigned the user to the context, and assigned the context to VRF default (no mgmt on 6000) - not sure what a context does to be honest
- disabled older snmp standards (snmpv3 only)

Unfortunately I get no handshake when I try to add the switch to librenms. It says 'no reply' with the provided credentials. I tried multiple times to make sure there isn't a typo anywhere, so I think I'm missing something. Any pointers? 

(PS: I've enrolled dozens of 2530s and 2930s into librenms. Somehow nothing seems that simple with AOS-CX)

Me too!

Maybe the culprit would be the absence of the snmp-server trap-source interface vrf configuration option?

A working configuration I'm using with LibreNMS is (with vrf mgmt on Aruba 8320):

snmp-server vrf <vrf>
snmp-server system-description <description>
snmp-server system-location <location>
snmp-server system-contact <contact>
snmpv3 user <user> auth sha auth-pass ciphertext <auth-pass-cipher> priv aes priv-pass ciphertext <priv-pass-cipher>
snmp-server host <host> inform version v3 user <user>
snmp-server host <host> trap version v3 user <user>

Original Message:
Sent: Jul 10, 2022 04:42 AM
From: Martin Ott
Subject: SNMPv3 on Aruba 6000 / librenms

Hi Ronald,

my librenms installation is working fine with AOS-CX switch. I didn´t have to make any changes to librenms, so I´m posting the snmp config of my switches - maybe that is helpful for you:

snmp-server vrf defaultsnmp-server system-location "xxx"snmp-server snmpv3-onlysnmpv3 user prtg auth sha auth-pass ciphertext xxx priv aes priv-pass ciphertext xxx 

Original Message:
Sent: Jul 08, 2022 02:54 PM
From: Ronald Ratzlaff
Subject: SNMPv3 on Aruba 6000 / librenms

Good afternoon.
I'm struggling to enroll our Aruba 6000 switches into librenms. So far I have:
- created an snmpv3 user with auth/priv
- created a context, assigned the user to the context, and assigned the context to VRF default (no mgmt on 6000) - not sure what a context does to be honest
- disabled older snmp standards (snmpv3 only)

Unfortunately I get no handshake when I try to add the switch to librenms. It says 'no reply' with the provided credentials. I tried multiple times to make sure there isn't a typo anywhere, so I think I'm missing something. Any pointers? 

(PS: I've enrolled dozens of 2530s and 2930s into librenms. Somehow nothing seems that simple with AOS-CX)

That did it. I was missing the "snmp-server vrf default" variable. Thanks everyone!
Original Message:
Sent: Jul 10, 2022 04:42 AM
From: Martin Ott
Subject: SNMPv3 on Aruba 6000 / librenms

Hi Ronald,

my librenms installation is working fine with AOS-CX switch. I didn´t have to make any changes to librenms, so I´m posting the snmp config of my switches - maybe that is helpful for you:

snmp-server vrf defaultsnmp-server system-location "xxx"snmp-server snmpv3-onlysnmpv3 user prtg auth sha auth-pass ciphertext xxx priv aes priv-pass ciphertext xxx 

Original Message:
Sent: Jul 08, 2022 02:54 PM
From: Ronald Ratzlaff
Subject: SNMPv3 on Aruba 6000 / librenms

Good afternoon.
I'm struggling to enroll our Aruba 6000 switches into librenms. So far I have:
- created an snmpv3 user with auth/priv
- created a context, assigned the user to the context, and assigned the context to VRF default (no mgmt on 6000) - not sure what a context does to be honest
- disabled older snmp standards (snmpv3 only)

Unfortunately I get no handshake when I try to add the switch to librenms. It says 'no reply' with the provided credentials. I tried multiple times to make sure there isn't a typo anywhere, so I think I'm missing something. Any pointers? 

(PS: I've enrolled dozens of 2530s and 2930s into librenms. Somehow nothing seems that simple with AOS-CX)