Header Only - DO NOT REMOVE - Extreme Networks

Easy steps to configure SNMPv3 to work with 3rd party NMS

What are the easy steps to configure snmpv3 on XOS switch that will be discovered by 3rd party NMS via snmpv3.

in GTAC i can see some commands that is to connect the XOS device to Netsight.

is defining snmpv3 user and snmpv3 would be enough for the xos device to be seen and managed by 3rd party NMS.

8 replies

Userlevel 7
Hi Arjumand,

Take a look at the following script for EXOS switches. It will walk you through SNMPv3 configuration.
configure snmpv3 add user SNMPUSERNAMEE authentication md5 SOMERANDOMSTRING privacy SOMERANDOMSTRING

configure snmpv3 add group GROUPNAME user SNMPUSERNAME sec-model usm

configure snmpv3 add access GROUPNAMEnetman sec-model usm sec-level priv read-view defaultAdminView write-view defaultAdminView notify-view defaultNotifyView
Thanks gentlemen
Hi Jeremy,

while configuring user for snmpv3, md5 and privacy string should always be different ?
I think they can be different. I use the same just for convenience. Also, for security reasons, there isn't a big need for us. Some places though, you might want to think about a more complex string that's unique.

tried snmpv3 config with Brocade's BNA. it didnt work
first tried with snmpv3 config
then with snmpv2
made an snmp user "xtreme" password of this user and md5 is same.. <-- can this be a problem.

the snmpv3 configuration made was..
configure snmpv3 add user xtreme authentication md5 xtreme123 privacy des xtreme456
configure snmpv3 add group x-group user xtreme sec-model usm
configure snmpv3 add access x-group sec-model usm sec-level priv read-view defaultAdminView write-view defaultAdminView notify-view defaultAdminView

disable snmp access snmp-v1v2c
disable snmpv3 default-user
disable snmpv3 default-group

since this config did not work i had to remove the snmpv3 and now in the "sh config" i can see this

# Module snmpMaster configuration.
configure snmpv3 add community "v1v2cNotifyComm1" name "xtreme@123" user "v1v2cNotifyUser1"
configure snmpv3 add community "xtreme@123" name "xtreme@123" user "v1v2c_ro"
disable snmpv3 community "xtreme@123"
configure snmpv3 add target-addr "v1v2cNotifyTAddr1" param "v1v2cNotifyParam1" ipaddress transport-port 162 tag-list "defaultNotify"
configure snmpv3 add target-params "v1v2cNotifyParam1" user "v1v2cNotifyUser1" mp-model snmpv2c sec-model snmpv2c sec-level noauth
enable snmp access
enable snmp access snmp-v1v2c
enable snmp access snmpv3

# Module stp configuration.

the above community defined "xtreme@123" was for snmpv2 and snmpv3 has taken over this.

we need to remove this all configuration and add snmpv3 only..
Userlevel 3
I understand you have a opened a GTAC case for this issue. One of our GTAC engineer will get back to you shortly.
Yes i did, i am hoping a quick resolution for this..