[ietf79-tech] Juniper configuration for SNMPv3
Chris Elliott
chelliot at pobox.com
Wed Nov 3 22:34:49 PDT 2010
Please use chelliotpass for the user chelliot and chelliotpass-rw for the
user chelliot-rw. Sort of the exact opposite approach to passwords from
Billo's. :-)
Thanks!
Chris.
On Thu, Nov 4, 2010 at 1:28 PM, Bill Fenner <fenner at gmail.com> wrote:
> It turns out that the passwords did not transfer the way I thought
> they would. Can you please set the snmp v3 usm local-engine user
> netdisco authentication-sha authentication-key to "Disco stu does not
> advertise."? I'll let chelliot tell you what the plain text values of
> his passwords should be.
>
> Thanks,
> Bill
>
> On Thu, Nov 4, 2010 at 12:40 PM, Bill Fenner <fenner at gmail.com> wrote:
> > Hi James,
> >
> > Would you mind adding this configuration to the Juniper routers? Feel
> > free to specify a different SNMP location string.
> >
> > Thanks,
> > Bill
> >
> >
> > snmp {
> > location "IT Room";
> > v3 {
> > usm {
> > local-engine {
> > user chelliot {
> > authentication-sha {
> > authentication-key
> >
> "$9$mTQntuOEhrCApBREyr8X7-24oJGkqfUDmTQz6/uO1hev8LNVb27NwgaZkqP5QzCtO1ReM8EhK8xNY2aZUimf3nC1EcAtvWLXbwoJGDi.Fn/pO1GD/Cu0IRYg4aDifTzF695TRhSrvMikqf5F6/tpO13n/tpu1INdVwYoGDi.mTHk.5zF/9vW8L-V";
> > ## SECRET-DATA
> > }
> > privacy-none;
> > }
> > user chelliot-rw {
> > authentication-sha {
> > authentication-key
> >
> "$9$HmPQ/CtB1hn69pOBEhKM8XbsYgoDjqaJHmPfzFCtu1SrKvL7Nb8L-w24Djk.Pfn/tuOSlKB1yKWLVb24aGHqTQnuBI6/revMN-YgoJGi5QF9tuoJFnCA0OVws2JGqmf5z3.mO1RhrlGDjq.5zF/9tuTQF/9Cu0Lx7-VYoJGiHmUDi.f5F3reKvX7";
> > ## SECRET-DATA
> > }
> > privacy-none;
> > }
> > user netdisco {
> > authentication-sha {
> > authentication-key
> >
> "$9$leaMWxbs2JZjdVwgaJDjP5QFApuO1SyKIRlMW87Ns24ZHqPfzn6AQz/t0BSyevW8db24aH.PJZkPTzCA0BIhlKXxd4JGVbqmf56/uO1RhrLxNw241RNdsYoaCtp0RhKM8L7-vMaZUjq.hSyKvL7Nbw24XxNbws4oz3n/Cu1RhrlMcSrv8LN-qmPfFn";
> > ## SECRET-DATA
> > }
> > privacy-none;
> > }
> > }
> > }
> > vacm {
> > security-to-group {
> > security-model usm {
> > security-name netdisco {
> > group ietf-rw;
> > }
> > security-name chelliot {
> > group ietf;
> > }
> > security-name chelliot-rw {
> > group ietf-rw;
> > }
> > }
> > }
> > access {
> > group ietf {
> > default-context-prefix {
> > security-model usm {
> > security-level authentication {
> > read-view default;
> > write-view default;
> > notify-view default;
> > }
> > }
> > }
> > }
> > group ietf-rw {
> > default-context-prefix {
> > security-model usm {
> > security-level authentication {
> > read-view default;
> > write-view default;
> > notify-view default;
> > }
> > }
> > }
> > }
> > }
> > }
> > }
> > engine-id {
> > use-mac-address;
> > }
> > view default {
> > oid 1 include;
> > }
> > community ietf79 {
> > authorization read-only;
> > clients {
> > 130.129.0.0/16;
> > 2001:df8::/32;
> > }
> > }
> > }
> >
> _______________________________________________
> ietf79-tech mailing list
> ietf79-tech at daedelus.com
> http://www.daedelus.com/mailman/listinfo/ietf79-tech
>
--
Chris Elliott
chelliot at pobox.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.daedelus.com/pipermail/ietf79-tech/attachments/20101104/3769f9fd/attachment.html
More information about the ietf79-tech
mailing list