Differences

This shows you the differences between two versions of the page.

--- aix:snmp_config [2023/07/26 11:57]
manu
+++ aix:snmp_config [2023/08/18 13:32] (current)
manu [SNMPv1 / 2c public]
@@ Line 1: / Line 1: @@
 ====== Configure SNMP v3 ======
+===== SNMPv1 / 2c public =====
+<cli prompt='>'>
+root@aixtest /etc> snmpv3_ssw -n
+root@aixtest /etc> cat /etc/snmpdv3.conf
+VACM_GROUP group1 SNMPv1  public  -
+VACM_GROUP group1 SNMPv2c public -
+VACM_VIEW defaultView       internet            - included -
+VACM_VIEW defaultView        1.3.6.1.4.1.2.2.1.1.1.0    - included -
+VACM_VIEW defaultView        1.3.6.1.4.1.2.6.191.1.6    - included -
+# exclude snmpv3 related MIBs from the default view
+VACM_VIEW defaultView        snmpModules                - excluded -
+VACM_VIEW defaultView        1.3.6.1.6.3.1.1.4          - included -
+VACM_VIEW defaultView        1.3.6.1.6.3.1.1.5          - included -
+# exclude aixmibd managed MIBs from the default view
+VACM_VIEW defaultView        1.3.6.1.4.1.2.6.191        - included -
+# Added for icinga
+VACM_VIEW defaultView        1.3.6.1.2.1.25.3.8.1     - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.3.8.1.2         - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.5     - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.3.1          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.3.1.2          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.3.1.1          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.3.1.3          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.3.1.5          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.3.1.6          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.3.1.4          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.1.1          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.1.2          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.1.3          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.1.4          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.1.5          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.1.6          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.1.7          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.1.8          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.1.9          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.2.1.10          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.4.2.1          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.4.2.1.1          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.4.2.1.2          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.4.2.1.4          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.4.2.1.5          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.5.1.1.2          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.5.1.1.1          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.4.2.1.7          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.3.3.1          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.3.3.1.1          - included -
+VACM_VIEW defaultView        1.3.6.1.2.1.25.3.3.1.2          - included -
+VACM_ACCESS  group1 - - noAuthNoPriv SNMPv1  defaultView - defaultView -
+VACM_ACCESS  group1 - - noAuthNoPriv SNMPv2c  defaultView - defaultView -
+COMMUNITY public    public     noAuthNoPriv 0.0.0.0     0.0.0.0         -
+</cli>
+Restart demons
+<cli prompt='>'>
+root@aixtest /etc> stopsrc -s snmpmibd;stopsrc -s aixmibd;stopsrc -s snmpd;stopsrc -s hostmibd;stopsrc -s dpid2
+root@aixtest /etc> startsrc -s snmpmibd;startsrc -s aixmibd;startsrc -s snmpd;startsrc -s hostmibd;startsrc -s dpid2
+</cli>
+**Test**
+AIX command
+<cli prompt='>'>
+root@aixtest /etc> /usr/sbin/snmpinfo -m dump -c public -h aixtest
+.3.6.1.2.1.1.1.0 = "IBM PowerPC CHRP Computer
+Machine Type: 0x0800004c Processor id: 00C2xxx04B00
+Base Operating System Runtime AIX version: 07.02.0005.0203
+...
+</cli>
+Linux command (from snmp-utils rpm)
+<cli prompt='>'>
+root@aixtest /etc> snmpwalk -v2c -m all -c public aixtest sysName.0
+SNMPv2-MIB::sysName.0 = STRING: aixtest
+root@aixtest /etc> snmpwalk -v1 -m all -c public aixtest sysName.0
+SNMPv2-MIB::sysName.0 = STRING: aixtest
+</cli>
+To filter on a specific IP change the string **COMMUNITY**, with IP or subnet
+Ex:
+  COMMUNITY public    public     noAuthNoPriv 10.10.10.10     255.255.255.255         -
+or range,
+Ex:
+  COMMUNITY public    public     noAuthNoPriv 172.10.0.0     255.255.0.0         -
+=== To change community public ===
+Change the lines with the new community string, here public is replaced by Str0ngC0mmunity:
+<code>
+VACM_GROUP group1 SNMPv1 Str0ngC0mmunity -
+COMMUNITY Str0ngC0mmunity Str0ngC0mmunity noAuthNoPriv 0.0.0.0 0.0.0.0 -
+VACM_GROUP director_group SNMPv2c Str0ngC0mmunity -
+</code>
+You then need to stop the daemons:
+<code>
+stopsrc -s aixmibd
+stopsrc -s hostmibd
+stopsrc -s snmpmibd
+stopsrc -s snmpd
+</code>
+To start the daemons, execute the following commands using the new community string:
+<code>
+startsrc -s aixmibd -a "-c Str0ngC0mmunity"
+startsrc -s hostmibd -a "-c Str0ngC0mmunity"
+startsrc -s snmpmibd -a "-c Str0ngC0mmunity"
+startsrc -s snmp
+</code>
+===== SNMPv3 public =====
 https://www.ibm.com/support/pages/ibm-aix-how-configure-community-based-snmp-and-snmp-traps

wiki

User Tools

Site Tools

Differences

Page Tools