Skip to main content
Cluster and storage switches
La versione in lingua italiana fornita proviene da una traduzione automatica. Per eventuali incoerenze, fare riferimento alla versione in lingua inglese.

Configurare SNMPv3

Collaboratori
PDF

Seguire questa procedura per configurare SNMPv3, che supporta il monitoraggio dello stato dello switch Ethernet (CSHM).

A proposito di questa attività

I seguenti comandi configurano un nome utente SNMPv3 sugli switch Cisco 3132Q-V:

  • Per nessuna autenticazione: snmp-server user SNMPv3_USER NoAuth

  • Per l'autenticazione MD5/SHA: snmp-server user SNMPv3_USER auth [md5|sha] AUTH-PASSWORD

  • Per l'autenticazione MD5/SHA con crittografia AES/DES: snmp-server user SNMPv3_USER AuthEncrypt auth [md5|sha] AUTH-PASSWORD priv aes-128 PRIV-PASSWORD

Il seguente comando configura un nome utente SNMPv3 sul lato ONTAP: cluster1::*> security login create -user-or-group-name SNMPv3_USER -application snmp -authentication-method usm -remote-switch-ipaddress ADDRESS

Il seguente comando stabilisce il nome utente SNMPv3 con CSHM: cluster1::*> system switch ethernet modify -device DEVICE -snmp-version SNMPv3 -community-or-username SNMPv3_USER

Fasi

  1. Impostare l'utente SNMPv3 sullo switch per l'utilizzo dell'autenticazione e della crittografia:

    show snmp user

    Mostra esempio 
    (sw1)(Config)# snmp-server user SNMPv3User auth md5 <auth_password> priv aes-128 <priv_password>

(sw1)(Config)# show snmp user

-----------------------------------------------------------------------------
                              SNMP USERS
-----------------------------------------------------------------------------

User              Auth            Priv(enforce)   Groups          acl_filter
----------------- --------------- --------------- --------------- -----------
admin             md5             des(no)         network-admin
SNMPv3User        md5             aes-128(no)     network-operator

-----------------------------------------------------------------------------
     NOTIFICATION TARGET USERS (configured  for sending V3 Inform)
-----------------------------------------------------------------------------

User              Auth               Priv
----------------- ------------------ ------------

(sw1)(Config)#

  2. Impostare l'utente SNMPv3 sul lato ONTAP:

    security login create -user-or-group-name <username> -application snmp -authentication-method usm -remote-switch-ipaddress 10.231.80.212

    Mostra esempio 
    cluster1::*> system switch ethernet modify -device "sw1 (b8:59:9f:09:7c:22)" -is-monitoring-enabled-admin true

cluster1::*> security login create -user-or-group-name <username> -application snmp -authentication-method usm -remote-switch-ipaddress 10.231.80.212

Enter the authoritative entity's EngineID [remote EngineID]:

Which authentication protocol do you want to choose (none, md5, sha, sha2-256)
[none]: md5

Enter the authentication protocol password (minimum 8 characters long):

Enter the authentication protocol password again:

Which privacy protocol do you want to choose (none, des, aes128) [none]: aes128

Enter privacy protocol password (minimum 8 characters long):
Enter privacy protocol password again:

  3. Configurare CSHM per il monitoraggio con il nuovo utente SNMPv3:

    system switch ethernet show-all -device "sw1" -instance

    Mostra esempio 
    cluster1::*> system switch ethernet show-all -device "sw1" -instance

                                   Device Name: sw1
                                    IP Address: 10.231.80.212
                                  SNMP Version: SNMPv2c
                                 Is Discovered: true
   SNMPv2c Community String or SNMPv3 Username: cshm1!
                                  Model Number: N3K-C3132Q-V
                                Switch Network: cluster-network
                              Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(7)
                     Reason For Not Monitoring: None  <---- displays when SNMP settings are valid
                      Source Of Switch Version: CDP/ISDP
                                Is Monitored ?: true
                   Serial Number of the Device: QTFCU3826001C
                                   RCF Version: v1.8X2 for Cluster/HA/RDMA

cluster1::*>
cluster1::*> system switch ethernet modify -device "sw1" -snmp-version SNMPv3 -community-or-username <username>
cluster1::*>

  4. Verificare che il numero seriale da sottoporre a query con l'utente SNMPv3 appena creato sia lo stesso descritto nel passaggio precedente dopo il completamento del periodo di polling CSHM.

    system switch ethernet polling-interval show

    Mostra esempio 
    cluster1::*> system switch ethernet polling-interval show
         Polling Interval (in minutes): 5

cluster1::*> system switch ethernet show-all -device "sw1" -instance

                                   Device Name: sw1
                                    IP Address: 10.231.80.212
                                  SNMP Version: SNMPv3
                                 Is Discovered: true
   SNMPv2c Community String or SNMPv3 Username: SNMPv3User
                                  Model Number: N3K-C3132Q-V
                                Switch Network: cluster-network
                              Software Version: Cisco Nexus Operating System (NX-OS) Software, Version 9.3(7)
                     Reason For Not Monitoring: None  <---- displays when SNMP settings are valid
                      Source Of Switch Version: CDP/ISDP
                                Is Monitored ?: true
                   Serial Number of the Device: QTFCU3826001C
                                   RCF Version: v1.8X2 for Cluster/HA/RDMA

cluster1::*>