mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added SNMP v3 configuration example for Mikrotik/ROS (#11802)

Browse Source 
The setup is tested and is working properly - hope it could save someone else time.
This commit is contained in:
Rostislav Kandilarov
2020-06-11 10:07:37 +03:00
committed by GitHub
parent 4c9a83cd55
commit d95adf4b98
1 changed files with 24 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
doc/Support/SNMP-Configuration-Examples.md
View File

@@ -182,23 +182,45 @@ set snmp view mysnmpv3view oid iso include
#### RouterOS 6.x
CLI SNMP v2 Configuration
```
/snmp community
set [ find default=yes ] read-access=no
add addresses=<SRC IP/NETWORK> name=<COMMUNITY>
add addresses=<ALLOWED-SRC-IPs/NETMASK> name=<COMMUNITY>
/snmp
set contact="<NAME>" enabled=yes engine-id=<ENGINE ID> location="<LOCALTION>"
```
Notes:
* About the snmp community commands:
* The commands change the default snmp community. It is probably possible to create a new one instead.
* <SRC IP/NETWORK> specify the address and host (not network) netmask of the LibreNMS server. Example: 192.168.8.71/32
* <ALLOWED-SRC-IPs/NETMASK> specify the address and host (not network) netmask of the LibreNMS server. Example: 192.168.8.71/32
* trap-version=2 must also be specified if some other trap-version has been set
* trap-interfaces may also be used to limit the interfaces the router listens on
* About the snmp command:
* contact, engine-id and location are optional
* trap-community is probably required if a new snmp community has been created.
CLI SNMP v3 Configuration for *authPriv*
```
/snmp community
add name="<COMMUNITY>" addresses="<ALLOWED-SRC-IPs/NETMASK>"
set "<COMMUNITY>" authentication-password="<AUTH_PASS>" authentication-protocol=MD5
set "<COMMUNITY>" encryption-password="<ENCRYP_PASS>" encryption-protocol=AES
set "<COMMUNITY>" read-access=yes write-access=no security=private
#Disable public SNMP
set public read-access=no write-access=no security=private
/snmp
set contact="<NAME>" enabled=yes engine-id="<ENGINE ID>" location="<LOCALTION>"
```
Notes:
* Use password with length of min 8 chars
Notes for both SNMP v2 and v3
* In some cases of advanced routing one may need to set explicitly the source IP address from which the SNMP daemon will reply - `/snmp set src-address=<SELF_IP_ADDRESS>`
### Palo Alto
#### PANOS 6.x/7.x