Brocade SNMP v3 setup
There are 6 preconfigured SNMPv3 users in FOS, you have to use one of them.
- snmpadmin1..3 (User 1..3) in "rw" group
- snmpuser1..3 (User 4..6) in "ro" group
Default Auth and Priv properties are set to: "noAuth" and "noPriv"
Select one of the default read-only users and modify it for STOR2RRD.
Check current SNMPv3 configuration
admin> snmpconfig --show snmpv3
SNMP Informs = 0 (OFF)
SNMPv3 USM configuration:
User 1 (rw): snmpadmin1
Auth Protocol: noAuth
Priv Protocol: noPriv
User 2 (rw): snmpadmin2
Auth Protocol: noAuth
Priv Protocol: noPriv
User 3 (rw): snmpadmin3
Auth Protocol: noAuth
Priv Protocol: noPriv
User 4 (ro): snmpuser1
Auth Protocol: noAuth
Priv Protocol: noPriv
User 5 (ro): snmpuser2
Auth Protocol: noAuth
Priv Protocol: noPriv
User 6 (ro): snmpuser3
Auth Protocol: noAuth
Priv Protocol: noPriv
Modify selected user for STOR2RRD
- change default name from "snmpuserX" to "stor2rrd"
- select Auth and Priv protocols to fit your requirements
- set Auth and Priv passwords
Note:
Auth and Priv passwords must have at least 8 characters
Press enter for entries you don't want to change (works for passwords as well)
Example
- change defualt user "snmpuser1" to "stor2rrd"
- set Auth Protocol to SHA
- set Priv Protocol to AES128
admin> snmpconfig --set snmpv3
SNMP Informs Enabled (true, t, false, f): [false]
SNMPv3 user configuration(snmp user not configured in FOS user database will have physical AD and admin role as the default):
User (rw): [snmpadmin1]
Auth Protocol [MD5(1)/SHA(2)/noAuth(3)]: (1..3) [3]
Priv Protocol [DES(1)/noPriv(2)/AES128(3)/AES256(4)]): (2..2) [2]
User (rw): [snmpadmin2]
Auth Protocol [MD5(1)/SHA(2)/noAuth(3)]: (1..3) [3]
Priv Protocol [DES(1)/noPriv(2)/AES128(3)/AES256(4)]): (2..2) [2]
User (rw): [snmpadmin3]
Auth Protocol [MD5(1)/SHA(2)/noAuth(3)]: (1..3) [3]
Priv Protocol [DES(1)/noPriv(2)/AES128(3)/AES256(4)]): (2..2) [2]
User (ro): [snmpuser1] stor2rrd << modified user
Auth Protocol [MD5(1)/SHA(2)/noAuth(3)]: (1..3) [3] 2 << modified user
New Auth Passwd: << modified user
Verify Auth Passwd: << modified user
Priv Protocol [DES(1)/noPriv(2)/AES128(3)/AES256(4)]): (1..4) [2] 3 << modified user
New Priv Passwd: << modified user
Verify Priv Passwd: << modified user
User (ro): [snmpuser2]
Auth Protocol [MD5(1)/SHA(2)/noAuth(3)]: (1..3) [3]
Priv Protocol [DES(1)/noPriv(2)/AES128(3)/AES256(4)]): (2..2) [2]
User (ro): [snmpuser3]
Auth Protocol [MD5(1)/SHA(2)/noAuth(3)]: (1..3) [3]
Priv Protocol [DES(1)/noPriv(2)/AES128(3)/AES256(4)]): (2..2) [2]
Committing configuration.....done.
Check the configuration
admin> snmpconfig --show snmpv3
SNMP Informs = 0 (OFF)
SNMPv3 USM configuration:
User 1 (rw): snmpadmin1
Auth Protocol: noAuth
Priv Protocol: noPriv
User 2 (rw): snmpadmin2
Auth Protocol: noAuth
Priv Protocol: noPriv
User 3 (rw): snmpadmin3
Auth Protocol: noAuth
Priv Protocol: noPriv
User 4 (ro): stor2rrd < modified user
Auth Protocol: SHA < modified user
Priv Protocol: AES128 < modified user
User 5 (ro): snmpuser2
Auth Protocol: noAuth
Priv Protocol: noPriv
User 6 (ro): snmpuser3
Auth Protocol: noAuth
Priv Protocol: noPriv
DES vrs AES
Do not use old DES protocol, use AES instead.
New Linuxes do not support DES protocol anyway, you might check if your operating systems supports it or does not
If bellow cmd prints anything then DES is supported and you can use it, but try to avoid that
openssl ciphers | grep DES
Add SAN switch to STOR2RRD
 |