Hi Frank,
Thank you for your prompt response.
So, The local engine ID created by the following call should be enough:
USM usm = new USM(SecurityProtocols.getInstance().addDefaultProtocols(), new
OctetString(MPv3.createLocalEngineID()), 0);
The ContextName on the Trap receiver is Optional (it's a SCOM server).
So if we specify this property, we need to set the context name of the
ScopedPDU object by: pdu.setContextName(new OctetString("contextName"));
Otherwise, we don't need to add the last statement, is there a default value
for the context Name on the ScopedPDU?
How about the ConextEngineID, if we don't set it's value
(pdu.setContextEngineID(...)) it will take the localEngineID value created by
the previous MPv3.createLocalEngineID() call, is that correct?
Thanks,
Imene.
-----Original Message-----
From: Frank Fock [mailto:[email protected]]
Sent: Tuesday, January 06, 2015 6:31 PM
To: Boussour, Imene (6076618)
Cc: [email protected]
Subject: Re: [SNMP4J] SNMP4J V3 Traps with specified Engine ID
Hi Imene,
Your understanding of SNMPv3 trap sending is not correct.
SNMPv3 notifications (traps) are sent from a command responder entity and are
therefore authoritative. That means, the sender (which is the command responder
entity) uses its own security engine ID within the notification PDU.
The receiver (= command generator) then uses the security engine ID provided in
the notification PDU to authentication/decrypt the notification.
Therefore your setup should work already, except that you have not set the
context name of the ScopedPDU object yet.
Best regards
Frank
> On 06 Jan 2015, at 21:26, Boussour, Imene (6076618) <[email protected]>
> wrote:
>
> Hello List,
>
> I am trying to send SNMP V3 Traps to a remote server (using a Trap monitor
> software on windows) from my Java application, I use SNMP4j stack API.
> My questions is around the engine ID, on the Trap receiver application we
> need to create an SNMP V3 account with, username, auth protocol... but also a
> Context Name.
> On the SNMP4j side, there is multiple areas where we can define of set the
> engineID:
> 1 - USM usm = new
> USM(SecurityProtocols.getInstance().addDefaultProtocols(), new
> OctetString(MPv3.createLocalEngineID()), 0);
> 2- snmp.getUSM().addUser(mSecurityName,
> OctetString.fromHexString("80:00:13:70:c0:a8:01:0d"), new
> UsmUser(mSecurityName, mAuthProtocol, , mPrivProtocol,
> mPrivPassphrase));
> 3- UsmUser(mSecurityName, mAuthProtocol, , mPrivProtocol,
> mPrivPassphrase),
> OctetString.fromHexString("80:00:13:70:c0:a8:01:0d"));
> 4-
> pdu.setContextEngineID(OctetString.fromHexString("80:00:13:70:c0:a8:01
> :0d"));
>
> For context Name , I only found this:
> pdu.setContextName(new OctetString("contextName"));
>
>
> The SNMP4J createlocalEngineId method creates a random number, Can this work?
> My understanding of SNMP trap V3, is that the Engine ID should match on the
> sender and receiver. So, when we specify a custom engine ID on SNMP4J, which
> one should we use?
>
> And here is the Code I am using to send Traps:
>
> // ltargetAddress represents the host and port we plan to
> communicate with
> // in the format: host/port
> Address ltargetAddress = GenericAddress.parse
> (mTransportType + ":" + mRemoteAddress + "/" + mRemotePort);
>
> TransportMapping<?> transport;
> if (ltargetAddress instanceof UdpAddress) {
> transport = new DefaultUdpTransportMapping();
> } else {
> transport = new DefaultTcpTransportMapping();
> }
>
> //Create SNMP Session
> Snmp snmp = new Snmp(transport);
>
> USM usm = new USM(SecurityProtocols.getInstance()
> .addDefaultProtocols(), new OctetString(
> MPv3.createLocalEngineID()), 0);
>
>
> SecurityProtocols.getInstance().addPrivacyProtocol(new PrivAES192());
>
>
> SecurityModels.getInstance().addSecurityModel(usm);
>
> //transport.listen();
>
> //Setting the security protocols
> snmp.getUSM().addUser(
> mSecurityName,
> new UsmUser(mSecurityName, mAuthProtocol,
> mAuthPassphrase, mPrivProtocol,
> mPrivPassphrase));
>
>
> // Create Target
> UserTarget target = new UserTarget();
> target.setAddress(ltargetAddress);
> target.setRetries(1);
> target.setTimeout(11500);
> target.setVersion(SnmpConstants.version3);
> target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
> target.setSecurityName(mSecurityName);
>
> // Create PDU for V3
> ScopedPDU pdu = new ScopedPDU();
> pdu.setType(ScopedPDU.TRAP);
>
> // Adding OIDs
> pdu.add(new VariableBinding(SnmpConstants.sysUpTime,
> new OctetString(new Date().toString())));
>
> pdu.add(new VariableBinding(SnmpConstants.snmpTrapOID,
>
> SnmpConstants.linkDown));
>
> pdu.add(new VariableBinding(new OID(mOID), new
> OctetString(pMessage)));
>
> pdu.add(new
> VariableBinding(SnmpConstants.snmpTrapAddress,
>
> new IpAddress(mRemoteAddress)));
>
> //Send the PDU
> snmp.listen();
> snmp.send(pdu, target);
> snmp.close();
>
> Thanks,
> Imene
> _______________________________________________
> SNMP4J mailing list
> [email protected]
> https://oosnmp.net/mailman/listinfo/snmp4j
_______________________________________________
SNMP4J mailing list
[email protected]
https://oosnmp.net/mailman/listinfo/snmp4j
