Wired Intelligent Edge

 View Only
last person joined: yesterday 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.
Expand all | Collapse all

SNMPv3 on Aruba 6000 / librenms

Jump to Best Answer
This thread has been viewed 16 times
  • 1.  SNMPv3 on Aruba 6000 / librenms

    Posted Jul 08, 2022 02:55 PM
    Good afternoon.
    I'm struggling to enroll our Aruba 6000 switches into librenms. So far I have:
    - created an snmpv3 user with auth/priv
    - created a context, assigned the user to the context, and assigned the context to VRF default (no mgmt on 6000) - not sure what a context does to be honest
    - disabled older snmp standards (snmpv3 only)

    Unfortunately I get no handshake when I try to add the switch to librenms. It says 'no reply' with the provided credentials. I tried multiple times to make sure there isn't a typo anywhere, so I think I'm missing something. Any pointers? 

    (PS: I've enrolled dozens of 2530s and 2930s into librenms. Somehow nothing seems that simple with AOS-CX)


  • 2.  RE: SNMPv3 on Aruba 6000 / librenms

    Posted Jul 08, 2022 04:04 PM
    Hello Ronald,

    mostly the same picture here:

    - LibreNMS last version
    - all 2530, 2540, 2930M, 2930F work perfectly with SNMPv3 authpriv
    - completely disabled SNMP v1 and v2
    - going to deploy some Aruba 6000

    that is why I am very interested in this topic.

    If the context you talk about on the 6000 ends up to be a SNMPv3 context, then I suppose the problem may be that LibreNMS does not support per-device SNMPv3 context, for example see:

    Toshiba e-studio printers uses "MFP" as a context in SNMPv3 · Issue #13465 · librenms/librenms

    I hit this limitation on a HP laserjet printer, which have a hard-coded SNMPv3 context string "Jetdirect"; on the other hand, when I queried the device via command line with snmpwalk adding the context string along with the authpriv parameters, it would reply as expected.

    Hope this helps.

    Regards
    GG


  • 3.  RE: SNMPv3 on Aruba 6000 / librenms

    Posted Jul 08, 2022 04:21 PM
    Hm, I'm not sure this is the same scenario. The context on the 6000 seems to be an option (I think). I tried without at first and got no response, so I assumed maybe a context needed to be defined - but no luck. I haven't tried snmpwalk yet. I may get to that next week. I'm hoping for a more 'standard' solution though. Hope dies last.


  • 4.  RE: SNMPv3 on Aruba 6000 / librenms
    Best Answer

    Posted Jul 10, 2022 04:42 AM
    Hi Ronald,

    my librenms installation is working fine with AOS-CX switch. I didn´t have to make any changes to librenms, so I´m posting the snmp config of my switches - maybe that is helpful for you:

    snmp-server vrf default
    snmp-server system-location "xxx"
    snmp-server snmpv3-only
    snmpv3 user prtg auth sha auth-pass ciphertext xxx priv aes priv-pass ciphertext xxx 
    



  • 5.  RE: SNMPv3 on Aruba 6000 / librenms

    MVP GURU
    Posted Jul 11, 2022 07:07 AM
    Me too!

    Maybe the culprit would be the absence of the snmp-server trap-source interface vrf configuration option?

    A working configuration I'm using with LibreNMS is (with vrf mgmt on Aruba 8320):

    snmp-server vrf <vrf>
    snmp-server system-description <description>
    snmp-server system-location <location>
    snmp-server system-contact <contact>
    snmpv3 user <user> auth sha auth-pass ciphertext <auth-pass-cipher> priv aes priv-pass ciphertext <priv-pass-cipher>
    snmp-server host <host> inform version v3 user <user>
    snmp-server host <host> trap version v3 user <user>



  • 6.  RE: SNMPv3 on Aruba 6000 / librenms

    Posted Jul 11, 2022 11:29 AM
    That did it. I was missing the "snmp-server vrf default" variable. Thanks everyone!