|
|
 
In this article we set up SNMP using the Net-SNMP package. We showed how to set up user security for GNU/Linux on our Centos 4 box in this article. The procedure is a little different for Windows, because the net-snmp-config command is not available. The userid and passphrase need to be in the snmpd.conf file:
C:\usr\etc\snmp>type snmpd.conf
createUser netadmin MD5 "netadminpassword" DES
rouser netadmin
|
Make sure you restart the Net-SNMP Agent service after these changes.
This will set up a read only user netadmin that will authenticate with the passphrase netadminpassword using MD5/DES for encryption. Note that the password is available in plain text in the file, unlike with the GNU/Linux configuration; however, the traffic is still encrypted. From our GNU/Linux client, we can determine the default gateway:
[root@srv-5 ~]# snmpget -v 3 -u netadmin -l authNoPriv -a MD5 -A
netadminpassword 10.50.100.112 RFC1213-MIB::ipRouteNextHop.0.0.0.0
RFC1213-MIB::ipRouteNextHop.0.0.0.0 = IpAddress: 10.50.100.82
[root@srv-5 ~]#
|
If we enter the wrong password we are denied:
[root@srv-5 ~]# snmpget -v 3 -u netadmin -l authNoPriv -a MD5 -A
netadmnpassword 10.50.100.112 RFC1213-MIB::ipRouteNextHop.0.0.0.0
snmpget: Authentication failure (incorrect password, community or key)
[root@srv-5 ~]#
|
As when we queried a GNU/Linux box, if we store the authentication information in ~/.ssnmp/snmp.conf, the query is easier:
[root@srv-5 ~]# cat ~/.snmp/snmp.conf
defSecurityName netadmin
defContext ""
defAuthType MD5
defSecurityLevel authNoPriv
defAuthPassphrase netadminpassword
defVersion 3
[root@srv-5 ~]# snmpget 10.50.100.112 RFC1213-MIB::ipRouteNextHop.0.0.0.0
RFC1213-MIB::ipRouteNextHop.0.0.0.0 = IpAddress: 10.50.100.82
[root@srv-5 ~]#
|
|
|
