Re: [SNMP4J] Question about receiving SNMPv3 traps
Hi Frank. Thanks for the reply. One further request for clarification inlined ... Thanks Girish On Mon, Jan 7, 2019, 5:24 PM Frank Fock Hello Girish, > > You can use approach (1) with autoDiscoveryEnabled. > You mean enabled on the trap sender or receiver or both? I assume you mean trap sender - yes? if it is not enabled, you will have to use approach (2). > > Having a different user ID (you mean securityName) for each trap sender > won’t help, > because the SNMPv3 USM lookup uses the engineID anyway. > > Best regards, > Frank > > > On 7. Jan 2019, at 01:11, Girish Venkatasubramanian > wrote: > > > > Hello > > I am seeking some clarification about receiving SNMPv3 traps using > SNMP4J. > > > > In my setup, I have a few network devices configured for SNMPv3. They all > > use the *same* userName and auth and priv keys. They are configured to > use > > authentication and privacy when sending traps. > > > > In my trap receiver, which I plan to write using SNMP4J, the userName and > > credentials are known. > > > > 1) In order to receive the traps from these devices, is it sufficient to > > add an entry in the USM cache of my TrapReceiver as below ? > > > > *snmp*.getUSM().addUser( *new *OctetString(username), > > > > *new *UsmUser(*new *OctetString(username), AuthMD5. > > *ID*, *new *OctetString(authpassphrase), PrivAES128.*ID*, *new * > > OctetString(privacypassphrase))); > > > > > > From this email thread, > > http://oosnmp.net/pipermail/snmp4j/2013-April/005042.html I quote > > " > > > > If you set the autoDiscovery property of the USM to true, then it is > > even easier. > > You do not have to add localized USM users (thus you do not have to know > the > > engineIDs of the notification senders), you simply add the users without > > engineID. > > > > " > > To clarify, do I need to set the autoDiscovery property on the USM of the > > trap receiver ? > > > > 2) If I have to add a localized user for each of these trap senders, then > > should Snmp.discoverAuthoritativeEngineID(..) be used and then a > > per-trap-sender target be added using this engine ID ? That is, the key > > localization approach as shown > > https://doc.snmp.app/pages/viewpage.action?pageId=1441800 > > > > Ideally, I would like to avoid having to discover the authoritative > engine > > ID as that will restrict the ability of my trap receiver to receive traps > > only from known targets . Would having a different userName (but same > > authentication and privacy keys) for each of the trap sender help ? > > > > Any clarifications on these would be greatly appreciated. > > Thanks > > Girish > > ___ > > SNMP4J mailing list > > SNMP4J@agentpp.org > > https://oosnmp.net/mailman/listinfo/snmp4j > > ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
Re: [SNMP4J] Question about receiving SNMPv3 traps
Hello Girish, You can use approach (1) with autoDiscoveryEnabled. if it is not enabled, you will have to use approach (2). Having a different user ID (you mean securityName) for each trap sender won’t help, because the SNMPv3 USM lookup uses the engineID anyway. Best regards, Frank > On 7. Jan 2019, at 01:11, Girish Venkatasubramanian > wrote: > > Hello > I am seeking some clarification about receiving SNMPv3 traps using SNMP4J. > > In my setup, I have a few network devices configured for SNMPv3. They all > use the *same* userName and auth and priv keys. They are configured to use > authentication and privacy when sending traps. > > In my trap receiver, which I plan to write using SNMP4J, the userName and > credentials are known. > > 1) In order to receive the traps from these devices, is it sufficient to > add an entry in the USM cache of my TrapReceiver as below ? > > *snmp*.getUSM().addUser( *new *OctetString(username), > > *new *UsmUser(*new *OctetString(username), AuthMD5. > *ID*, *new *OctetString(authpassphrase), PrivAES128.*ID*, *new * > OctetString(privacypassphrase))); > > > From this email thread, > http://oosnmp.net/pipermail/snmp4j/2013-April/005042.html I quote > " > > If you set the autoDiscovery property of the USM to true, then it is > even easier. > You do not have to add localized USM users (thus you do not have to know the > engineIDs of the notification senders), you simply add the users without > engineID. > > " > To clarify, do I need to set the autoDiscovery property on the USM of the > trap receiver ? > > 2) If I have to add a localized user for each of these trap senders, then > should Snmp.discoverAuthoritativeEngineID(..) be used and then a > per-trap-sender target be added using this engine ID ? That is, the key > localization approach as shown > https://doc.snmp.app/pages/viewpage.action?pageId=1441800 > > Ideally, I would like to avoid having to discover the authoritative engine > ID as that will restrict the ability of my trap receiver to receive traps > only from known targets . Would having a different userName (but same > authentication and privacy keys) for each of the trap sender help ? > > Any clarifications on these would be greatly appreciated. > Thanks > Girish > ___ > SNMP4J mailing list > SNMP4J@agentpp.org > https://oosnmp.net/mailman/listinfo/snmp4j ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] Question about receiving SNMPv3 traps
Hello I am seeking some clarification about receiving SNMPv3 traps using SNMP4J. In my setup, I have a few network devices configured for SNMPv3. They all use the *same* userName and auth and priv keys. They are configured to use authentication and privacy when sending traps. In my trap receiver, which I plan to write using SNMP4J, the userName and credentials are known. 1) In order to receive the traps from these devices, is it sufficient to add an entry in the USM cache of my TrapReceiver as below ? *snmp*.getUSM().addUser( *new *OctetString(username), *new *UsmUser(*new *OctetString(username), AuthMD5. *ID*, *new *OctetString(authpassphrase), PrivAES128.*ID*, *new * OctetString(privacypassphrase))); From this email thread, http://oosnmp.net/pipermail/snmp4j/2013-April/005042.html I quote " If you set the autoDiscovery property of the USM to true, then it is even easier. You do not have to add localized USM users (thus you do not have to know the engineIDs of the notification senders), you simply add the users without engineID. " To clarify, do I need to set the autoDiscovery property on the USM of the trap receiver ? 2) If I have to add a localized user for each of these trap senders, then should Snmp.discoverAuthoritativeEngineID(..) be used and then a per-trap-sender target be added using this engine ID ? That is, the key localization approach as shown https://doc.snmp.app/pages/viewpage.action?pageId=1441800 Ideally, I would like to avoid having to discover the authoritative engine ID as that will restrict the ability of my trap receiver to receive traps only from known targets . Would having a different userName (but same authentication and privacy keys) for each of the trap sender help ? Any clarifications on these would be greatly appreciated. Thanks Girish ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
