Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Enabling SNMP on On-Premises Ancor

            Created by Rudresha Shivamallappa, Modified on Fri, 26 Jul at 2:38 PM by VARSHINI RAVICHANDRAN

            Introduction

            This document helps to enable SNMP on On-Premises Ancor server. It helps to monitor Ancor server health from Element Manager.

            Note: Below explained configuration tested with Ubuntu 14.04 running with snmp and act as Manager (Element Manager).

             

            Configure the SNMP on Ancor server

            1. Login to Ancor as root user

             

            1. Run “apt-get update

                         Ignore below warning messages:            

            W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used.
            GPG error: http://repo.mongodb.org precise/mongodb-org/3.2 Release: The following signatures were invalid: KEYEXPIRED 1507497109

            W: Failed to fetch http://repo.mongodb.org/apt/ubuntu/dists/precise/mongodb-org/3.2/Release

            W: Some index files failed to download. They have been ignored, or old ones used instead.

             

            1. Install snmpd package.

                        apt-get install snmpd

             

            1. Edit the file /etc/snmp/snmpd.conf as per below comment.

             

            • Backup the file /etc/snmp/snmpd.conf before editing.

                         cp -pf /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig

             

            • Comment the line with loopback IP address

                     #agentAddress  udp:127.0.0.1:161

             

            • Enable/add the below line to listen all interface

                     agentAddress udp:161,udp6:[::1]:161

             

                  or

            • Enable/add only specific IP address to be allowed (In this example snmp will listen only 192.168.1.10 with port 161.

                     agentAddress  udp:192.168.1.10:161

             

            • In “SNMPv3 AUTHENTICATION” section, add below line (In this example “bootstrap” is used as snmp user, password is “password123”, these can be modified).

                     createUser bootstrap MD5 password123 DES

             

            • In “ACCESS CONTROL” section, add below line (use the same name which is used in previous step).

                     rwuser bootstrap priv

             

            • Save and exit the file with above changes.

             

            5. Restart the snmpd service.

                     service snmpd restart

             

             6. Run the below command on Element Manager (not on Ancor server) to verify Ancor is responding properly for snmp GET request.

                     snmpget -u bootstrap -l authPriv -a md5 -x DES -A password123 -X password123 192.168.2.41 1.3.6.1.2.1.1.1.0

             

             Where:

            -u USER-NAME: This parameter is used to appoint the username that you wish to authenticate as. To read or alter anything using SNMP, you must authenticate with a known username.

            -l stage: This is used to appoint the security stage that you are connecting with. The feasible belief Synonyms/Hypernyms are noAuthNoPriv for no authentication and no encryption, authNoPriv for authentication but no encryption, and authPriv for authentication and encryption. The username that you are using must be configured to operate at the security stage you select, or else the authentication will not succeed.

            -a protocol: This parameter is used to select the authentication protocol that is used. The feasible belief Synonyms/Hypernyms are MD5 or SHA. This must match the information that was appointed when the user was created.

            -x PROTOCOL: This parameter is used to select the encryption protocol that is used. The feasible belief Synonyms/Hypernyms are DES or AES. This must match the information that was appointed when the user was created. This is necessary whenever the user's privilege specification has priv after it, making encryption obligatory.

            -A passphrase: This is used to give the authentication passphrase that was selected when the user was created.

            -X PASSPHRASE: This is the encryption passphrase that was selected when the user was created. If none was selected but an encryption algorithm was given, the authentication passphrase will be used. This is demanded when the -x parameter is given or whenever an user's right specification has a priv after it, demanding encryption.

             

             Example output (OID of system information is 1.3.6.1.2.1.1.1.0, i.e., uname -a)

             # snmpget -u bootstrap -l authPriv -a md5 -x DES -A password123 -X password123 192.168.2.41  1.3.6.1.2.1.1.1.0

            Created directory: /var/lib/snmp/mib_indexes

            iso.3.6.1.2.1.1.1.0 = STRING: "Linux supportsecpod 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:30:00 UTC 2014 x86_64"

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0