Cloud Managed Networks

 View Only
  • 1.  SNMPv3 selection Cloud Central vs NMS

    Posted Dec 16, 2024 11:07 AM

    Hi all,

    I'm trying to enable the snmpv3 for both switch and waps managed in Aruba Cloud Central. However, there's seem to be a mismatch when selecting the right credentials and option.

    Which auth protocol SHA is in Aruba, SHA-1,256,512?

    Which Privacy protocol bit is in Aruba? 

    See below.

    From my NMS (WUG) these are the options:

    Authentication Protocol:
    MD5, SHA-1,
    SHA-256, SHA-512

    Encryption Protocol:
    DES56,AES128,AES192,AES256

    Aruba:

    Authentication Protocol"
    SHA AND MD5

    Privacy:
    DES
    AES

    Thanks,



  • 2.  RE: SNMPv3 selection Cloud Central vs NMS

    Posted Dec 19, 2024 07:00 AM

    Here is the RFC that describes the standards based encryption for SNMPv3. Mentioned there is: HMAC-SHA-96 for authentication and CFB128-AES-128 for encryption.

    HMAC-SHA-96 is SHA1 (where only 96 bits out of the original 160 bits are used); this is what the switch refers to as SHA.

    AES is the the 128 bit AES used in Cipher Feedback (CFB) mode; so that is what the switch refers to as AES.

    Support for other algorithms than SHA/MD5 and DES/AES should be considered non-standard and are known to have different implementations, so expect incompatibility.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: SNMPv3 selection Cloud Central vs NMS

    Posted Dec 22, 2024 11:20 AM

    Hi Herman,

    thank you so much for the clarification. Now it's up to me to test it out.

    Thanks,