thanks....:)
________________________________ From: Nugroho WH Adisubrata <adisubr...@gmail.com> To: snort bsd <snort...@yahoo.com.au> Cc: juniper-nsp <juniper-nsp@puck.nether.net> Sent: Wed, 1 September, 2010 4:55:22 PM Subject: Re: [j-nsp] SNMP v3 configurations Snort, You missed VACM configuration. Please add following VACM configuration: enug...@gundul# show snmp v3 { usm { local-engine { user enugadi { authentication-sha { authentication-key "$9$djV24GDimPQZGHmfQn6evMXdb4aZDHq8X-wY4ZGjHqmfz9Apu1RpuNdwYZGk.PT69AtOhcl0O-VwsJZtu0BhSrlMXxd9AOREhrlWLx7-wg4ZH.Pg4Fn69pu1RhSvWxNdbYg-dikPfn6lKvL-VaZUjk.ZGuOIRSyvWLN-wJGDi.PjiO1hcleYg4aDi"; ## SECRET-DATA } privacy-none; } } } vacm { security-to-group { security-model usm { security-name enugadi { group group_enugadi; } } } access { group group_enugadi { default-context-prefix { security-model usm { security-level none { read-view full-mib; } } } } } } } engine-id { use-mac-address; } view full-mib { oid internet include; } nugroho-a-macbook:~ nugroho$ snmpwalk -v 3 -u enugadi -l AuthNoPriv -a SHA -A adisubrata -m ALL 192.168.150.14 ------ truncate ----- RFC1213-MIB::ifIndex.6 = INTEGER: 6 RFC1213-MIB::ifIndex.8 = INTEGER: 8 RFC1213-MIB::ifIndex.9 = INTEGER: 9 RFC1213-MIB::ifIndex.16 = INTEGER: 16 RFC1213-MIB::ifIndex.17 = INTEGER: 17 On Thu, Sep 2, 2010 at 1:24 AM, snort bsd <snort...@yahoo.com.au> wrote: Hi all: > >here is my configuration (for testing) for snmp v3: > >v3 { > usm { > local-engine { > user tester { > authentication-sha { > authentication-key "xxxxxxx"; ## SECRET-DATA > } > privacy-none; > } > } > } > target-address test_1 { > address 172.32.1.10; > target-parameters test-lab; > } > target-address test_2 { > address 172.32.1.11; > target-parameters test-lab; > } > target-parameters test-lab { > parameters { > message-processing-model v3; > security-model usm; > security-level authentication; > security-name lab; > } > } > snmp-community lab { > security-name lab; > tag lab; > } >} >engine-id { > use-mac-address; >} >trap-group test { > version all; > categories { > authentication; > chassis; > link; > routing; > sonet-alarms; > } >} > >but the tests were failed: > >h...@bn:~:$ snmpwalk -v 3 -u tester -l AuthNoPriv -a SHA -A test -m ALL >172.32.1.10 >Error in packet. >Reason: authorizationError (access denied to that object) > > >did I miss something in my configuration? > >Thanks in advance > > > > >_______________________________________________ >juniper-nsp mailing list juniper-nsp@puck.nether.net >https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp