From 2c8305666388ff57111519aa779048e5f73035eb Mon Sep 17 00:00:00 2001
From: Dag Bakke <dag@bakke.com>
Date: Thu, 15 Mar 2018 09:59:31 +0100
Subject: [PATCH] docs: Update SNMP-Configuration-Examples to include ESX/ESXi
 (#8381)

* Update SNMP-Configuration-Examples.md

Added info for VMware ESX, as well as SNMPv3 for Junos

* Update SNMP-Configuration-Examples.md
---
 doc/Support/SNMP-Configuration-Examples.md | 35 ++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/doc/Support/SNMP-Configuration-Examples.md b/doc/Support/SNMP-Configuration-Examples.md
index dd5cc08186..1e5841adb6 100644
--- a/doc/Support/SNMP-Configuration-Examples.md
+++ b/doc/Support/SNMP-Configuration-Examples.md
@@ -19,6 +19,8 @@ Table of Content:
         - [RouterOS 6.x](#routeros-6x)
     - [Palo Alto](#palo-alto)
         - [PANOS 6.x/7.x](#panos-6x7x)
+    - [VMware](#vmware)
+        - [ESX/ESXi 5.x/6.x](#esxesxi-5x6x)
 - [Operating systems](#operating-systems)
     - [Linux (snmpd v2)](#linux-snmpd)
     - [Linux (snmpd v3)](#linux-snmpd-v3)
@@ -128,12 +130,23 @@ setsnmppw <community>
 
 ### Juniper
 #### Junos OS
+for SNMPv1/v2c
 ```
 set snmp description description
 set snmp location location
 set snmp contact contact
 set snmp community YOUR-COMMUNITY authorization read-only
 ```
+for SNMPv3 (authPriv):
+```
+set snmp v3 usm local-engine user authpriv authentication-sha authentication-password YOUR_AUTH_SECRET
+set snmp v3 usm local-engine user authpriv privacy-aes128 privacy-password YOUR_PRIV_SECRET
+set snmp v3 vacm security-to-group security-model usm security-name authpriv group mysnmpv3
+set snmp v3 vacm access group mysnmpv3 default-context-prefix security-model any security-level authentication read-view mysnmpv3view
+set snmp v3 vacm access group lsgv3 default-context-prefix security-model any security-level privacy read-view mysnmpv3view
+set snmp view mysnmpv3view oid iso include
+```
+
 
 ### Mikrotik
 #### RouterOS 6.x
@@ -157,6 +170,28 @@ set contact="<NAME>" enabled=yes engine-id=<ENGINE ID> location="<LOCALTION>"
 
 Note that you need to allow SNMP on the needed interfaces. To do that you need to create a network "Interface Mgmt" profile for standard interface and allow SNMP under "Device > Management > Management Interface Settings" for out of band management interface.
 
+### VMware
+#### ESX/ESXi 5.x/6.x
+
+Log on to your ESX server by means of ssh. You may have to enable the ssh service in the GUI first.
+From the CLI, execute the following commands:
+```
+esxcli system snmp set --authentication SHA1
+esxcli system snmp set --privacy AES128
+esxcli system snmp hash --auth-hash YOUR_AUTH_SECRET --priv-hash YOUR_PRIV_SECRET --raw-secret
+```
+This command produces output like this
+```
+   Authhash: f3d8982fc28e8d1346c26eee49eb2c4a5950c934
+   Privhash: 0596ab30b315576a4e9f7d7bde65bf49b749e335
+```
+Now define a SNMPv3 user:
+```
+esxcli system snmp set --users authpriv/f3d8982fc28e8d1346c26eee49eb2c4a5950c934/0596ab30b315576a4e9f7d7bde65bf49b749e335/priv
+esxcli system snmp set -L "Yourcity, Yourcountry [60.4,5.3]"
+esxcli system snmp set -C noc@your.org
+esxcli system snmp set --enable true
+```
 
 ## Operating systems
 ### Linux (snmpd v2)