Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX] Example Configuration - Sending SMPv3 traps to SNMP server

0

0

Article ID: KB31865 KB Last Updated: 22 May 2020Version: 2.0
Summary:

This article provides an example for configuring an EX device to send SNMPv3 traps to SNMP Server.

Solution:

Step 1 - Switch Configuration

  • Configure a user name.

  • Set the security level and the authentication Keys for this user.

  • Security level (Choose according to the switch configuration):

Auth, Priv
No Auth, No Priv
Auth, No Priv
  • Choose the type of SecurityPossible completions:

    •   authentication-md5                  Configure MD5 authentication
    •   authentication-none                 Set no authentication for the user​ 
    •   authentication-sha                Configure SHA authentication
    •   privacy-3des                           Configure Triple DES privacy
    •   privacy-aes128                      Configure AES128 privacy
    •   privacy-des                             Configure DES privacy
    •   privacy-none                           Set no privacy for the use​
 
​set snmp v3 usm local-engine user AuthPrivSHAUser authentication-sha authentication-key <plain text password>

set snmp v3 usm local-engine user AuthPrivSHAUser privacy-aes128 privacy-key <plain text password>
  • Set Security Model for the Security model context for group assignment.

security-to-group    Assigns security names to group
  usm                    User-based security model
  v1                       SNMPv1 model
  v2c                     SNMPv2c model
  • Set the privacy level:

  notify-view          View used to notifications
  read-view            View used for read access
  write-view           View used for write access
 
set snmp v3 vacm security-to-group security-model usm security-name AuthPrivSHAUser group test
set snmp v3 vacm access group test default-context-prefix security-model usm security-level privacy read-view view-all
set snmp v3 vacm access group test default-context-prefix security-model usm security-level privacy notify-view view-all
  • Set the Target IP Address. It is the IP address of SNMP Server.

  • Configure the target parameters.

  security-level          Security-level used when generating SNMP notifications
  security-model       Security-model used when generating SNMP notifications
  security-name        Security name used when generating SNMP notifications
 
set snmp v3 target-address TARGET address 10.9.221.199 <-- SNMP Server Address
set snmp v3 target-address TARGET port 162
set snmp v3 target-address TARGET target-parameters target1
set snmp v3 target-parameters target1 parameters message-processing-model v3
set snmp v3 target-parameters target1 parameters security-model usm
set snmp v3 target-parameters target1 parameters security-level privacy
set snmp v3 target-parameters target1 parameters security-name AuthPrivSHAUser
  • Configure Notify type (Trap/Tag)

set snmp v3 notify NOTIFY type trap
set snmp v3 notify NOTIFY tag trapreceiver
set snmp v3 notify-filter filter oid .1 include
set snmp view view-all oid .1 include
  • Set the Source Address as the device IP

set snmp trap-options source-address <Ip Address>

  <oid-name>     OID to include/exclude from notify filter
  .1                   OID to include/exclude from notify filter

Step 2 - Configure the server for receiving traps

(example of Manage Engine)



If an Interface is flapped on the switch, the traps will look similar to the ones in the following image:



The details of the messages can be seen by clicking on the “Show Details” button. The details will appear similar to the following image:

 
Modification History:
2020-04-18: Article reviewed for accuracy; no changes required.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search