Hi Imene,
> On 07 Jan 2015, at 16:04, Boussour, Imene (6076618) <[email protected]>
> wrote:
>
> Hi Frank,
>
> Thank you for your prompt response.
> So, The local engine ID created by the following call should be enough:
> USM usm = new USM(SecurityProtocols.getInstance().addDefaultProtocols(), new
> OctetString(MPv3.createLocalEngineID()), 0);
>
Yes, although you should create your own local engine ID using your IANA
enterprise ID.#
> The ContextName on the Trap receiver is Optional (it's a SCOM server).
> So if we specify this property, we need to set the context name of the
> ScopedPDU object by: pdu.setContextName(new OctetString("contextName"));
Correct.
> Otherwise, we don't need to add the last statement, is there a default value
> for the context Name on the ScopedPDU?
>
The default context is the empty context “”.
> How about the ConextEngineID, if we don't set it's value
> (pdu.setContextEngineID(...)) it will take the localEngineID value created by
> the previous MPv3.createLocalEngineID() call, is that correct?
Yes, if there is no context engine ID provided, the security engine ID is used
instead.
Best regards,
Frank
>
> Thanks,
> Imene.
>
>
> -----Original Message-----
> From: Frank Fock [mailto:[email protected]]
> Sent: Tuesday, January 06, 2015 6:31 PM
> To: Boussour, Imene (6076618)
> Cc: [email protected]
> Subject: Re: [SNMP4J] SNMP4J V3 Traps with specified Engine ID
>
> Hi Imene,
>
> Your understanding of SNMPv3 trap sending is not correct.
> SNMPv3 notifications (traps) are sent from a command responder entity and are
> therefore authoritative. That means, the sender (which is the command
> responder entity) uses its own security engine ID within the notification
> PDU.
>
> The receiver (= command generator) then uses the security engine ID provided
> in the notification PDU to authentication/decrypt the notification.
>
> Therefore your setup should work already, except that you have not set the
> context name of the ScopedPDU object yet.
>
> Best regards
> Frank
>
>> On 06 Jan 2015, at 21:26, Boussour, Imene (6076618) <[email protected]>
>> wrote:
>>
>> Hello List,
>>
>> I am trying to send SNMP V3 Traps to a remote server (using a Trap monitor
>> software on windows) from my Java application, I use SNMP4j stack API.
>> My questions is around the engine ID, on the Trap receiver application we
>> need to create an SNMP V3 account with, username, auth protocol... but also
>> a Context Name.
>> On the SNMP4j side, there is multiple areas where we can define of set the
>> engineID:
>> 1 - USM usm = new
>> USM(SecurityProtocols.getInstance().addDefaultProtocols(), new
>> OctetString(MPv3.createLocalEngineID()), 0);
>> 2- snmp.getUSM().addUser(mSecurityName,
>> OctetString.fromHexString("80:00:13:70:c0:a8:01:0d"), new
>> UsmUser(mSecurityName, mAuthProtocol, , mPrivProtocol,
>> mPrivPassphrase));
>> 3- UsmUser(mSecurityName, mAuthProtocol, , mPrivProtocol,
>> mPrivPassphrase),
>> OctetString.fromHexString("80:00:13:70:c0:a8:01:0d"));
>> 4-
>> pdu.setContextEngineID(OctetString.fromHexString("80:00:13:70:c0:a8:01
>> :0d"));
>>
>> For context Name , I only found this:
>> pdu.setContextName(new OctetString("contextName"));
>>
>>
>> The SNMP4J createlocalEngineId method creates a random number, Can this work?
>> My understanding of SNMP trap V3, is that the Engine ID should match on the
>> sender and receiver. So, when we specify a custom engine ID on SNMP4J, which
>> one should we use?
>>
>> And here is the Code I am using to send Traps:
>>
>> // ltargetAddress represents the host and port we plan to
>> communicate with
>> // in the format: host/port
>> Address ltargetAddress = GenericAddress.parse
>> (mTransportType + ":" + mRemoteAddress + "/" + mRemotePort);
>>
>> TransportMapping<?> transport;
>> if (ltargetAddress instanceof UdpAddress) {
>> transport = new DefaultUdpTransportMapping();
>> } else {
>> transport = new DefaultTcpTransportMapping();
>> }
>>
>> //Create SNMP Session
>> Snmp snmp = new Snmp(transport);
>>
>> USM usm = new USM(SecurityProtocols.getInstance()
>> .addDefaultProtocols(), new OctetString(
>> MPv3.createLocalEngineID()), 0);
>>
>>
>> SecurityProtocols.getInstance().addPrivacyProtocol(new PrivAES192());
>>
>>
>> SecurityModels.getInstance().addSecurityModel(usm);
>>
>> //transport.listen();
>>
>> //Setting the security protocols
>> snmp.getUSM().addUser(
>> mSecurityName,
>> new UsmUser(mSecurityName, mAuthProtocol,
>> mAuthPassphrase, mPrivProtocol,
>> mPrivPassphrase));
>>
>>
>> // Create Target
>> UserTarget target = new UserTarget();
>> target.setAddress(ltargetAddress);
>> target.setRetries(1);
>> target.setTimeout(11500);
>> target.setVersion(SnmpConstants.version3);
>> target.setSecurityLevel(SecurityLevel.AUTH_PRIV);
>> target.setSecurityName(mSecurityName);
>>
>> // Create PDU for V3
>> ScopedPDU pdu = new ScopedPDU();
>> pdu.setType(ScopedPDU.TRAP);
>>
>> // Adding OIDs
>> pdu.add(new VariableBinding(SnmpConstants.sysUpTime,
>> new OctetString(new Date().toString())));
>>
>> pdu.add(new VariableBinding(SnmpConstants.snmpTrapOID,
>>
>> SnmpConstants.linkDown));
>>
>> pdu.add(new VariableBinding(new OID(mOID), new
>> OctetString(pMessage)));
>>
>> pdu.add(new
>> VariableBinding(SnmpConstants.snmpTrapAddress,
>>
>> new IpAddress(mRemoteAddress)));
>>
>> //Send the PDU
>> snmp.listen();
>> snmp.send(pdu, target);
>> snmp.close();
>>
>> Thanks,
>> Imene
>> _______________________________________________
>> SNMP4J mailing list
>> [email protected]
>> https://oosnmp.net/mailman/listinfo/snmp4j
>
_______________________________________________
SNMP4J mailing list
[email protected]
https://oosnmp.net/mailman/listinfo/snmp4j
