Hello,
I've a doubt with regards to sending SNMPv3 traps via mgmt VRF.
Background:
- I'm using HPE IMC 7.3 E0605P06 as NMS.
- I've two Aruba 8320 running ArubaOS-CX 10.01.0030 (VSX)
- Aruba 8320 are already registered on HPE IMC (monitoring works, partially)
I've configured:
Aruba-8320-1(config)# no snmp-server vrf default
Aruba-8320-1(config)# snmp-server vrf mgmt
And, actually (HPE IMC IP Address and SNMPv3 User redacted):
snmp-server host HPE_IMC_IP_Address inform version v3 user mysnmpv3user
snmp-server host HPE_IMC_IP_Address trap version v3 user mysnmpv3user
Now - reading the Aruba 8320 Monitoring Guide for ArubaOS-CX 10.01 (November 2018, 5th edition) at page 61 - I've read this statement:
SNMP traps enable an agent to notify the management station of significant events by way of an unsolicited SNMP message. Enable SNMP traps by entering the snmp-server host command:
switch(config)# snmp-server host 10.10.10.10 trap version v2c vrf default
SNMP traps cannot be forwarded from ArubaOS-CX 10.00 switches that have the VRF configured as mgmt.
Later versions of ArubaOS-CX support SNMP trap forwarding even when the VRF is configured as default or mgmt.
So I'm asking if - running latest ArubaOS-CX 10.01.0030 - I should (or I could) specify to use mgmt VRF for SNMPv3 Traps to be sure HPE IMC 7.3 will be able to receive Traps, this way:
Aruba-8320-1(config)# snmp-server host HPE_IMC_IP_Address inform version v3 user mysnmpv3user vrf mgmt
with respect what is actually configured.
But when I try to specify the VRF I want to use to send Traps...this is the output the command returns:
Aruba-8320-1(config)# snmp-server host HPE_IMC_IP_Address inform version v3 user mysnmpv3user vrf mgmt
Only default is supported
So now the questions are:
- are the very first pair of SNMP commands listed above (the no snmp-server vrf default and the snmp-server vrf mgmt) doing something useful or not with regards to using mgmt VRF?
- The restriction above still applies so sending SNMPv3 Traps via mgmt VRF is not implemented yet?
Am I missing something? ...or, in other terms, how can I verify that SNMPv3 configuration is correctly set to send SNMPv3 Traps to HPE IMC 7.3 NMS (considering that Aruba 8320 are already both correctly registered/monitored on IMC)? my doubts are about Traps...