SNMP v3

Enter information for v3 SNMP authenticators through the General (SNMP) page, shown below. Some fields -- Version, Read Community, Write Community, and Trap Community, pre-fill with default values.

Figure 16-16  Authenticator Editor -- General (SNMP) Page

If you must process SNMP v3 informs from the device, you must supply the Redcell mediation server's SNMP v3 engineID in the Management Interfaces screen in Resource editor. The value for the engineID appears in the mediation and application server logs. It appears near the text Server Ready. For example:

2010-01-06 14:30:04,578 78235 INFO [com.dorado.core.mediation.snmp.SRSnmpSession] SNMP EngineID: 00 00 00 63 00 01 00 a1 c0 a8 86 b1

Changing the value of engineID may have important side-effects, altering both the acceptable SNMP community string and command line password for a device. If this occurs, re-configure the device’s authorized users.

[spacer]

When creating the SNMPv3 user account for Redcell ensure that all MIBs are included in that user’s view. If you discover a device using SNMPv3 but do not expose, for example, the RFC1213 system MIB to the user account initiating this discovery Redcell looks like it cannot communicate using SNMPv3.

This screen has the following fields:

General Parameters

ID -- (Required) This entry must be unique; it identifies the authentication object. The ID is only a label name under which you store the authentication and has no effect on the SNMPv3 Authentication itself.

Use for EMS-- Disregard. This entity does not support SNMP v3.

Select SNMP v3 Parameters

Security Level -- Defines the three security levels that can be used. They are:

No Authentication–Sends SNMP messages without authentication and without privacy. This requires only a valid User ID, known by the device's SNMP agent.

Authentication (No Privacy) -- Sends SNMP messages with authentication but without privacy. Requires only a valid User ID and a password.

Authentication with Privacy -- Sends SNMP messages with authentication and privacy. This requires a valid User ID, password, authentication Protocol and Privacy Key.

[spacer]

Supported authentications include: No authentication No privacy, MD5 or SHA Authentication with No privacy*, and MD5 Authentication with DES. Privacy encryption 3DES and AES are not currently supported.

User ID -- Specifies the User Name for this object. The Security user name represents the user in a format that is Security Model-independent.

Password -- Specify the password for this user.

Confirm Password -- Confirm the password.

Authentication Protocol -- Select the protocol from the pick list (MD5 or SHA). Used with the Privacy Key to produce a secret key in which to validate the connection.

Privacy Key-- Enter the privacy key. The application uses this to generate a secret key. Specifying MD5 requires the privacy key to be 16 characters long while SHA requires the privacy key to be 20 characters long.

[spacer]

Redcell does note support the same user ID with different authentication schemes. If you need to deploy a portion of the network with SHA and another with MD5 you must use different user IDs.

Confirm your entries here with File > Save or by clicking on the Save button or icon.