Simple Network Management Protocol

The Simple Network Management Protocol is an application layer protocol for collecting and handling information about managed devices in IP networks. SNMP is used for network management and network monitoring. The data in SNMP is exposed in varables organized in management information bases, called MIB:s.

Overview

In WeOS 5, SNMP act as an agent if enabled and supports version SNMPv2c and SNMPv3 of the protocol. WeOS 5 also supports up to 8 users and 8 trap/inform hosts. The supported MIBS are part of the WeOS pkg file together with the conformance files. The conformance files lists the deviations and variations from the MIB files if any. The write support is limited to a few commands for the moment. To use SNMPv3 traps/informs, the engine id must be enabled first and at least one SNMPv3 user created before adding a traphost.

Configuration

Enter SNMP context

example:/#> configure
example:/config/#> management
example:/config/management/#> snmp
example:/config/management/snmp/#>

Syntax

[no] enable

This will enable or disable SNMP.

no

Disable SNMP.

[no] rocommunity <STR>

This setting controls the read-only community for SNMPv2.

no

Disables the read-only community for SNMPv2.

[no] rwcommunity <STR>

This setting controls the read-writable community for SNMPv2.

no

Disables the read-writable community for SNMPv2.

[no] trapcommunity <STR>

This setting controls the trap community for SNMPv2.

no

Disables the trap community for SNMPv2.

[no] ifindex-persistence

This setting controls if the ifindex persistence is enabled or disabled.

no

Disables the ifindex persistence.

[no] engine-id [auto|custom <STR>]

This setting controls the engine-id, which is needed for sending SNMPv3 traps.

no

Disables the engine-id.

auto

Sets the engine-id value based on the base MAC address and Westermos enterprise number.

custom

Sets the engine-id to a custom choosen string which can be between 10 and 64 characters long.

[no] listen <IFACE> [<IFACE>...]]

This setting controls which interface(s) the SNMP daemon will listen to,

all, some interfaces or none.

no

SNMP daemon will not listen to any interface.

[no] commands-allowed [reboot, factory-reset]

This setting enables or disables the one or both of the two commmands that are possible to use over SNMP. This means that it’s possible to reboot or factory reset a device on distance over SNMP if allowed here.

no

Disables one or all of the commands.

reboot

Enables or disables reboot of the device over SNMP.

factory-reset

Enables or disables factory-reset of the device over SNMP.

[no] host <IP-ADDR> [version <version> [username <USERNAME>]] [type trap|inform [resends <NUM>]]

This setting manages traphosts that will receive traps or informs from this device.

no

Disables one or all traphosts.

version

SNMP version as a figure 2 or 3. Default is 2.

username

In case of version 3 a username on a user present in the SNMP menu.

type

The type of message to send to the traphost, trap or inform. Default is trap.

resends

Number of times to resend the message in case of no ack reseived from the recipient. 0-60 number of resends is supported. Only available for informs. Default number of resends is 5.

[no] rwuser <USERNAME> [auth <md5|sha1|sha224|sha256|sha384|sha512> <PASSPHRASE> [crypto <des|aes128|aes192|aes256|aes192c|aes256c> <PASSPHRASE>]] [OIDTREE]

This setting manages read-writable users.

no

Disables one or all read-writable users.

auth

Set the authentification encryption type and required password for the authentification.

crypto

Set the encryption type and required password for the encryption.

oidtree

Restricts access for the user to the subtree rooted at the given OID. Default is full access.

[no] rouser <USERNAME> [auth <md5|sha1|sha224|sha256|sha384|sha512> <PASSPHRASE> [crypto <des|aes128|aes192|aes256|aes192c|aes256c> <PASSPHRASE>]] [OIDTREE]

This setting manages read-only users.

no

Disables one or all read-only users.

auth

Set the authentification encryption type and required password for the authentification.

crypto

Set the encryption type and required password for the encryption.

oidtree

Restricts access for the user to the subtree rooted at the given OID. Default is full access.

Examples

Add a read-writable user with authentification and crypto

example:/#> configure
example:/config/#> management
example:/config/management/#> snmp
example:/config/management/snmp/#> rwuser JohnDoe auth sha384 Secret1 crypto aes192 Secret2

Add a host for version 3 informs with the user created above

example:/#> configure
example:/config/#> management
example:/config/management/#> snmp
example:/config/management/snmp/#> host 1.2.3.4 version 3 type informs user JohnDoe