On Thu, Sep 26, 2013 at 03:46:59PM -0300, Theles Silveira wrote: > Now, I'm using JFFNMS for some time and it is working very well. My boss > has asked to me to start using SNMPv3 on the monitoring system, and I > simply just don't know what I'm doing wrong on JFF. Ah yes, the fun of SNMP v3, where the simple in SNMP means "not very simple at all".
First of all, try to get it working on the command line before trying it in JFFNMS. There are so many moving parts and any one of them not right will break it. > I'm monitory L2 switches from Alcatel(OS-6224) and D-Link (DES-3528). Both > upgraded to the last firmware available. The SNMPv1 is working like a > charm, but, I still can not use SNMPv3, there's something wrong and I just > can't figure out what is. I've got it working on a Linux system and a Juniper SRX100, so its possible. > On the switches, I've created another Comunity, a user and a group for v3 > access, and, I have tried with and without user passwod, with and without a > key(MD5 and SHA) and with and without Auth and priv. I generally try for authNoPriv first. The reason why I do it on the command line is it sometimes gives me more useful information. JFFNMS just kinda says "nope, not working" and that's it. PHP support for SNMPv3 is a little sad. So I try things like: $ snmpwalk -v3 -u GOODUSER -n "" -l authNoPriv -a SHA -A BADPASSWD 127.0.0.1 system snmpwalk: Authentication failure (incorrect password, community or key) (Sub-id not found: (top) -> system) or: $ snmpwalk -v3 -u GOODUSER -n "" -l authNoPriv -a SHA -A GOODPASSWD 127.0.0.1 system (lots of system table goodness shown here) If that works, then try to move onto authPriv if required. The reason why you don't start with it is because its effectively double passwords and its nearly impossible to work out what went wrong. This is all of course SNMPv3 using the USM (User-based Security Model). JFFNMS and the PHP SNMP module don't support the DTLS method with certificates. - Craig -- Craig Small VK2XLZ http://enc.com.au/ csmall at : enc.com.au Debian GNU/Linux http://www.debian.org/ csmall at : debian.org GPG fingerprint: 5D2F B320 B825 D939 04D2 0519 3938 F96B DF50 FEA5 ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk _______________________________________________ jffnms-users mailing list jffnms-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jffnms-users
