ovt Bronze
Bronze

What exactly "snmp-server user ... remote <ip>" is used for?


Does it have something to do with sending SNMPv3 traps/informs?

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: What exactly "snmp-server user ... remote <ip>" is used for?

With an inform, it's the manager whose engineID is authoritative, so it will be the manager's engineID that is hashed with the remote user, and sent from the agent to the manager. In this case, with net-snmp, you would create a new snmptrapd user tied to the manager's local engineID:

createUser informUser MD5 informPass123

7 REPLIES
Cisco Employee

Re: What exactly "snmp-server user ... remote <ip>" is used for?

Yes. This is for informs to specify a remote SNMPv3 user. They are associated with the remote engineID for the specified host.

ovt Bronze
Bronze

Re: What exactly "snmp-server user ... remote <ip>" is used for?

Is it needed to send SNMPv3 traps?

BTW, is the following a v3 trap (or v2 trap):

v3 packet security model: v3 security level: auth

username: trapuser

snmpEngineID: 800000090300001DE5195603

snmpEngineBoots: 3 snmpEngineTime: 1192

SNMP: V2 Trap, reqid 1, errstat 0, erridx 0

sysUpTime.0 = 122017

snmpTrapOID.0 = snmpTraps.3

ifIndex.10001 = 10001

ifDescr.10001 = FastEthernet0/1

ifType.10001 = 6

lifEntry.20.10001 = administratively down

Cisco Employee

Re: What exactly "snmp-server user ... remote <ip>" is used for?

It is only needed for v3 informs and proxy requests. See http://www.cisco.com/en/US/docs/ios/12_2/configfun/command/reference/frf014.html#wp1055605 .

This is a v3 trap. A v2c trap would have a community string. However, the SMI version is the same for both.

ovt Bronze
Bronze

Re: What exactly "snmp-server user ... remote <ip>" is used for?

Ok, in this case what kind of information is hashed together for auth security model, when a v3 trap is sent? Does the v3 trap receiver need to be configured with our local EngineID or something similar?

Cisco Employee

Re: What exactly "snmp-server user ... remote <ip>" is used for?

The engineID, boots, and engine time are used. The authoritative engineID is the agent, so, yes, the manager needs to be configured with its engineID. For net-snmp, I add something like the following to var/net-snmp/snmptrapd.conf:

createUser -e 080000000323456789 v3user MD5 v3pass123

ovt Bronze
Bronze

Re: What exactly "snmp-server user ... remote <ip>" is used for?

Ok, I'm sorry, but this looks very strange to me. What information is hashed when an inform is sent to an NMS? Local EngineID or remote EngineID? If Local, why do we need to specify Remote EngineID? Just to parse an ACK from the NMS?

Cisco Employee

Re: What exactly "snmp-server user ... remote <ip>" is used for?

With an inform, it's the manager whose engineID is authoritative, so it will be the manager's engineID that is hashed with the remote user, and sent from the agent to the manager. In this case, with net-snmp, you would create a new snmptrapd user tied to the manager's local engineID:

createUser informUser MD5 informPass123
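
Added example, not part of the original thread: a sketch of the RFC 3414 MD5 key localization the replies describe, showing that a message authenticates only when sender and receiver localize the user's password to the same authoritative engineID (the agent's for traps, the manager's for informs). The manager engineID and the message bytes are constructed placeholders, and the helper names are hypothetical.

```python
import hashlib
import hmac

def password_to_key(password: str) -> bytes:
    """RFC 3414 A.2.1: MD5 over the password repeated out to 1,048,576 bytes."""
    pw = password.encode()
    if not pw:
        raise ValueError("empty password")
    reps, rem = divmod(1 << 20, len(pw))
    return hashlib.md5(pw * reps + pw[:rem]).digest()

def localize(ku: bytes, engine_id: bytes) -> bytes:
    """RFC 3414 2.6: bind the user key to one authoritative engine."""
    return hashlib.md5(ku + engine_id + ku).digest()

def auth_tag(localized_key: bytes, message: bytes) -> bytes:
    """HMAC-MD5-96: first 12 bytes of HMAC-MD5 over the message."""
    return hmac.new(localized_key, message, hashlib.md5).digest()[:12]

def receiver_accepts(password, sender_engine, receiver_engine, message) -> bool:
    """Sender and receiver each localize the same password to the engineID
    they believe is authoritative; the tag only verifies if those match."""
    ku = password_to_key(password)
    sent = auth_tag(localize(ku, sender_engine), message)
    expected = auth_tag(localize(ku, receiver_engine), message)
    return hmac.compare_digest(sent, expected)

# engineID of the agent, taken from the debug output in the thread
AGENT_ENGINE = bytes.fromhex("800000090300001DE5195603")
# Constructed placeholder for the manager's (snmptrapd's) own engineID
MANAGER_ENGINE = bytes.fromhex("80001f88800102030405060708")
# Constructed stand-in bytes, not a real BER-encoded SNMPv3 message
MESSAGE = b"constructed-snmpv3-message"

if __name__ == "__main__":
    # Trap: agent is authoritative; receiver was given the agent's engineID
    print("trap, receiver has agent engineID:",
          receiver_accepts("v3pass123", AGENT_ENGINE, AGENT_ENGINE, MESSAGE))
    # Trap: receiver localized the user to its own engineID instead
    print("trap, receiver used its own engineID:",
          receiver_accepts("v3pass123", AGENT_ENGINE, MANAGER_ENGINE, MESSAGE))
    # Inform: manager is authoritative; agent uses the remote engineID
    print("inform, agent uses manager engineID:",
          receiver_accepts("informPass123", MANAGER_ENGINE, MANAGER_ENGINE, MESSAGE))
```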
