Hi All, I've gotten the v3 traps to work, finally. But do have 1 additional question. Once I got the correct engineID into the createUser statement, the snmptrapd -D showed that it was unhappy with my context. I had added the user using snmpusm with a context of "" and my box was configured with "none". Clearly not the same. Once I changed my box to have no context, then the v3 traps started flowing. Thank you all.
Now the additional question. I have a couple of different configs that I use to send v3 traps. One has authNoPriv set and one has authPriv set. Can I use the same user for both? If I get the user configured as authPriv, will it accept traps of a lesser security level? And how do I change the usm user? I have tried to delete the user using snmpusm, but have had no success thus far. Is snmpusm the only way I can get the user configured with authPriv? Max -----Original Message----- From: Mark Ellison [mailto:[email protected]] Sent: Tuesday, March 24, 2009 4:27 PM To: [email protected] Cc: [email protected] Subject: Re: Version 5.4.2.1 snmp v3 traps with snmptrapd Hi Max, I don't think the createUser -e 0x0102030405....is doing anything. I think the FC 4 box has an older version of snmptrapd that doesn't require the level of configuration you are looking at with the Fedora 10 box. Actually, the createUser token should be placed into the /var/net-snmp/snmptrapd.conf file. Sometimes you have to restart the snmptrapd utility or kill -SIGHUP the process to get it to reload the /var/net-snmp/snmptrapd.conf file. One work around would be to place the following token in your snmptrapd.conf file: disableAuthorization yes ...but you really should be using authorization in most environments other than a development situation ;-) Regards, Mark http://EllisonSoftware.com On 03/24/2009 06:58 PM, Max Malzkuhn wrote: > That's what's really strange. My other trap receiver (Fedora 4) has > "never heard" of this new piece of hardware I am trying to get to send > traps to the Fedora 10 box but it receives traps from it just fine. I > looked to see if I had Authentication turned off on the FC4 box but > didn't find anything to indicate that. The FC4 box that can receive > the traps just has the > following: > > /etc/snmp/snmptrapd.conf > createUser -e 0x0102030405 edgewater MD5 edgewater DES edgewater > > /var/net-snmp/snmptrapd.conf > usmUser 1 3 0x80001f88800dcb872c4884da43 0x65646765776174657200 > 0x65646765776174657200 NULL .1.3.6.1.6.3.10.1.1.2 > 0x56c8a3b49a156b3be16db94a3b3c7aa0 .1.3.6.1.6.3.10.1.2.2 > 0x56c8a3b49a156b3be16db94a3b3c7aa0 0x00 usmUser 1 3 > 0x80001f88800dcb872c4884da43 0x65646765776174657200 > 0x65646765776174657200 NULL .1.3.6.1.6.3.10.1.1.2 > 0x56c8a3b49a156b3be16db94a3b3c7aa0 .1.3.6.1.6.3.10.1.2.2 > 0x56c8a3b49a156b3be16db94a3b3c7aa0 0x00 engineBoots 15610 > oldEngineID 0x80001f88800dcb872c4884da43 > > > So I got the engineID from the system sending the traps and put it > into /etc/snmptrapd.conf > > I re-ran snmptrapd with -D and didn't see any error messages, but when > I run it with the following, I get nothing: > > Snmptrapd -f -Le -F "%02.2h:%02.2j TRAP%w.%q from %A %W %P\n%V\n%v\n" > > Very strange. > > Max > > > -----Original Message----- > From: Mark Ellison [mailto:[email protected]] > Sent: Tuesday, March 24, 2009 3:11 PM > To: [email protected] > Cc: [email protected] > Subject: Re: Version 5.4.2.1 snmp v3 traps with snmptrapd > > > On 03/24/2009 06:07 PM, Mark Ellison wrote: > >> On 03/24/2009 05:55 PM, Max Malzkuhn wrote: >> >>> Hi Mark. How do I figure out which is the right engineID? The >>> 0102030405 is not the right one but it is what is in my receiver's >>> config that works. >>> Are you saying I should use the engineID >>> "0x80001f8880a6aba16d9a0ec949" in >>> my createUser? >>> >>> >> Did you try doing an snmpget <options> <fedora10system> >> SnmpEngineID.0? >> > Above target should be your 'source system' for sending the trap, not > the fedora 10 system that receives the trap...sorry...I am multiplexing ;-) > >> Each 'SNMP Engine' is supposed to have a unique SnmpEngineID value. >> Please see RFC 3411 for additional information. >> >> Regards, >> >> Mark >> http://EllisonSoftware.com/Services/ >> >> > > > ---------------------------------------------------------------------------- -- Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com _______________________________________________ Net-snmp-users mailing list [email protected] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users ------------------------------------------------------------------------------ _______________________________________________ Net-snmp-users mailing list [email protected] Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
