Configuring SNMP Settings In ILOM
Có thể bạn quan tâm
| Oracle Integrated Lights Out Manager (ILOM) 3.0 Management Protocols Reference Guide SNMP, IPMI, WS-Man, CIM |     |
| C H A P T E R 2 |
| Configuring SNMP Settings in ILOM |
| Topics | |
|---|---|
| Description | Links |
| Verify and configure the proper ILOM values for enabling SNMP on the managed device |
|
| Configure SNMP user accounts and communities in ILOM |
|
| Manage SNMP trap settings in ILOM |
|
| Reference of Net-SNMP command examples |
|
| Related Topics | ||
|---|---|---|
| For ILOM | Section | Guide |
|
| Oracle Integrated Lights Out Manager (ILOM) 3.0 Concepts Guide (820-6410) |
|
| Oracle Integrated Lights Out Manager (ILOM) 3.0 Web Interface Procedures Guide (820-6411) |
|
| Oracle Integrated Lights Out Manager (ILOM) 3.0 CLI Procedures Guide (820-6412) |
| The ILOM 3.0 Documentation Collection is available at: http://docs.sun.com/app/docs/prod/int.lights.mgr30#hic | ||
Configuring SNMP Settings in ILOM Using the CLI
You can choose to configure the SNMP settings in the ILOM CLI or web interface. This section describes the procedures for configuring the SNMP settings using the ILOM CLI.
| Topics | |
|---|---|
| Description | Links |
| Verify and configure the proper ILOM values for enabling SNMP on the managed server |
|
| Configure SNMP user accounts and communities in ILOM |
|
| Set SNMP trap properties in ILOM |
|
Enabling SNMP on Managed Server Using the CLI
Prior to using the snmpgets commands described in this guide, you should verify that the correct properties for SNMP are enabled in ILOM. Use the following procedure in this section to view and configure the ILOM CLI SNMP properties on the managed server.
| Topics | |
|---|---|
| Description | Links |
| Review requirements and special considerations |
|
| Verify and configure the proper SNMP properties in ILOM are set on the managed server |
|
Before You Begin
- To set SNMP properties in ILOM, you must have the Admin role (a) enabled.
- The SNMP servericestate property is enabled by default.
- To enable write access when using SNMP, the SNMP sets property in ILOM must be enabled. This property is disabled by default.
| Note - If the sets property is disabled in ILOM, all SNMP objects are read-only and no snmpset commands will be processed. |
- In ILOM there are three SNMP protocol version properties: v1, v2c, and v3. For v1 and v2c, "communities" are used for authentication. For v3, "users" are used for authentication. By default, v1 and v2c are disabled, even though there are default "communities" (public and private) provided. By default, v3 is enabled, but there are no pre-packaged users.
|
Configure SNMP On Managed Server Using the ILOM CLI 1. Log in to the ILOM SP CLI.
2. To view the ILOM SNMP properties, type:
show /SP/services/snmp
The following SNMP output appears.
| /SP/services/snmp Targets: communities mibs users Properties: engineid = (none) port = 161 servicestate = enabled sets = disabled v1 = disabled v2c = disabled v3 = enabled Commands: cd set show |
3. Use the set command to change any of the SNMP properties, for example:
- To enable SNMP and allow read-only only access, you must enable the servicestate property by typing:
-> set /SP/services/snmp servicestate=enabled
- To enable write privilegeswhen using SNMP, you must enable the SNMP sets property by typing:
-> set /SP/services/snmp sets=enabled
- To enable a specific SNMP protocol version (v1, v2c, or v3) property, type:
-> set /SP/services/snmp v#=enabled
where # = the SNMP protocol version you want to enable.
If you enable the snmp property for v3, you can create an account for authorizaiton and provide read write privileges by typing:
create /SP/services/snmp/users/<useraccountname> authenticationpassword=password permission=rw
-or-
If you enable the snmp property for v3, you can create an account for authorizaiton and provide readonly privileges by typing:
create /SP/services/snmp/users/<useraccountname> authenticationpassword=password
For more information about user accounts and read and write access, see the following section about Managing SNMP User Accounts and Communities Using the ILOM CLI
Managing SNMP User Accounts and Communities Using the ILOM CLI
After ensuring that the proper SNMP properties are enabled in ILOM, you need to configure SNMP user accounts and communities.
| Topics | |
|---|---|
| Description | Links |
| Review requirements prior to perform the procedures in this section |
|
| Configure user accounts using the CLI |
|
Before You Begin
Prior to performing the procedures in this chapter, you must ensure that the following requirements are met:
- To set user account CLI properties in ILOM, you need the User Management (u) role enabled.
- Verify the proper SNMP settings are enabled in ILOM. For more details, see Enabling SNMP on Managed Server Using the CLI.
| Note - When working in the ILOM CLI, if the Sets parameter is disabled, all SNMP MIB objects are read-only. |
- To execute the snmpset command, you need to use an SNMP v1 or v2c community or an SNMP v3 user account with read/write (rw) privileges.
| Note - The example SNMP commands presented in this section are based on the Net-SNMP sample applications and, therefore, will only work as presented if you have Net-SNMP and the Net-SNMP sample applications installed. |
SNMP User Account Targets, Properties, and Values
The SNMP user account targets, properties, and values are accessible under the /SP/services/snmp target. The following table identifies the targets, properties, and values that are valid for SNMP user accounts.
| Target | Property | Value | Default |
|---|---|---|---|
| /SP/services/snmp/ communities/ communityname | permissions | ro|rw | ro |
| /SP/services/snmp/users/ username | authenticationprotocol authenticationpassword* permissions privacyprotocol privacypassword+ | MD5|SHA <string> ro|rw none|DES <string> | MD5 (null string) ro none (null string) |
| /SP/services/snmp | engineid = none port = 161 servicestate = enabled sets = enabled v1 = disabled v2c = disabled v3 = disabled | <string> <integer> enable|disabled enabled|disabled enabled|disabled enabled|disabled enabled|disabled | (null string) 161 enabled disabled disabled disabled enabled |
| *> An authenticationpassword must be provided when creating or modifying users (SNMP v3 only).+> If the privacyprotocol property has a value other than none, then a privacypassword must be set. | |||
For example, to change the privacyprotocol for user a1 to DES use the following syntax:
-> set /SP/services/snmp/users/al privacyprotocol=DES privacypassword=password authenticationprotocol=SHA authenticationpassword=password
Note that the changes would be invalid if the following syntax was specified:
-> set /SP/services/snmp/users/al privacyprotocol=DES
| Note - You can change SNMP user permissions without resetting the privacy and authentication properties. |
|
1. To go to the /SP/services/snmp directory, type:
-> cd /SP/services/snmp
2. Within that directory, type the show command to view SNMP settings. The default settings are as follows:
| -> show /SP/services/snmp Targets: communities users Properties: engineid = none port = 161 servicestate = enabled sets = disabled v1 = disabled v2c = disabled v3 = enabled Commands: cd set show |
3. To view the communities, type:
-> show /SP/services/snmp/communities
| -> show /SP/services/snmp/communities /SP/services/snmp/communities Targets: private public Properties: Commands: cd create delete show |
4. To create a community with read/write privileges, type:
-> create /SP/services/snmp/communities/communityname permission=rw
| -> create /SP/services/snmp/communities/communityname permission=rw Created /SP/services/snmp/communities/communityname |
5. View the public communities by typing:
-> show /SP/services/snmp/communities/public
| -> show /SP/services/snmp/communities/public /SP/services/snmp/communities/public Targets: Properties: permission = ro Commands: cd set show |
|
1. Log in to the ILOM CLI.
2. To add an SNMP v3 read-only user account, type the following command:
-> create /SP/services/snmp/users/username authenticationpassword=password
|
1. Log in to the ILOM CLI.
2. To edit an SNMP v3 user account, type the following command:
-> set /SP/services/snmp/users/username authenticationpassword=password
| Note - When changing the parameters of SNMP users, you must provide a value for authenticationpassword, even if you are not changing the password. |
|
1. Log in to the ILOM CLI.
2. To delete an SNMP v3 user account, type the following command:
-> delete /SP/services/snmp/users/username
|
1. Log in to the ILOM CLI.
2. To add an SNMP v1/v2c community, type the following command:
-> create /SP/services/snmp/communities/communityname
|
1. Log in to the ILOM CLI.
2. To delete an SNMP v1/v2c community, type the following command:
-> delete /SP/services/snmp/communities/communityname
Managing SNMP Traps Using the ILOM CLI
To receive notifications of SNMP traps, you must configure the proper alert rule properties in ILOM. Use the following information in this section to set the proper SNMP alert rules properties in the ILOM CLI.
| Topics | |
|---|---|
| Description | Links |
| Review requirements and special considerations |
|
| Configure SNMP trap properties |
|
| CLI commond reference for configuring SNMP traps |
|
Before You Begin
- To create or edit alert rules in ILOM, you need the Admin (a) role enabled.
- When defining an SNMP trap alert for SNMP v3, the SNMP user name must be defined in ILOM as an SNMP user. If the user is not defined in ILOM as an SNMP user, the receiver of the SNMP alert will be unable to decode the SNMP alert message.
- Review the CLI commands for managing alert rule configurationin ILOM. See CLI Commands for Managing Alert Rule Configurations
- For additional information about configuring alert management settings in ILOM, see the chapter about Managing System Alerts in the Oracle Integrated Lights Out Manager (ILOM) 3.0 CLI Procedures Guide or the Oracle Integrated Lights Out Manager (ILOM) 3.0 Concepts Guide.
|
Follow these steps to configure the destinations to which the SNMP traps are sent.
1. Log in to the ILOM CLI.
2. Type the show command to display the current settings of the alert rule.
For example:
| -> show /SP/alertmgmt/rules/1 /SP/alertmgmt/rules/1 Targets: Properties: community_or_username = public destination = 0.0.0.0 level = disable snmp_version = 1 type = snmptrap Commands: cd set show |
3. To show the /SP/alertmgmt/rules directory, type these commands:
-> cd /SP/alertmgmt/rules
-> show
| -> cd /SP/alertmgmt/rules -> show /SP/alertmgmt/rules Targets: 1 2 . . . 15 Properties: testalert = (Cannot show property) Commands: cd set show |
Choose a rule (from targets 1 through 15) for which you would like to configure a destination for SNMP traps, and go to that directory.
For example:
-> cd 4
4. Within that rule directory, type the set command to change the rule properties.
For example:
-> set type=snmptrap level=critical destination=IPaddress_of_snmp_management_station snmp_version=2c community_or_username=public
CLI Commands for Managing Alert Rule Configurations
The following table describes the CLI commands that you will need to use to manage alert rule configurations in the ILOM CLI.
| CLI Command | Description |
|---|---|
| show | The show command enables you to display any level of the alert management command tree by specifying either the full or relative path. Examples:
/SP/alertmgmt/rules/1 Properties: community_or_username = public destination = 129.148.185.52 level = minor snmp_version = 1 type = snmptrap Commands: cd set show |
| |
| |
| cd | The cd command enables you to set the working directory. To set alert management as a working directory on a server SP, you would type the following command at the command prompt: -> cd /SP/alertmgmt |
| set | The set command enables you to set values to properties from any place in the tree. You can specify either a full or relative path for the property depending on the location of the tree. For example:
|
Configuring SNMP Settings in ILOM Using the Web Interface
You can choose to configure the SNMP settings in the ILOM CLI or web interface. This section describes the procedures for configuring the SNMP settings using the ILOM web interface.
| Topics | |
|---|---|
| Description | Links |
| Verify and configure the proper ILOM values for enabling SNMP are set on the managed server |
|
| Configure SNM user accounts and communities in ILOM |
|
| Configure SNMP trap properties in ILOM |
|
Enabling SNMP On Managed Server Using the Web Interface
Prior to using the snmpgets commands described in this guide, you should verify that the correct settings for SNMP are enabled in ILOM. Use the following procedure in this section to view and configure the ILOM CLI SNMP settings on the managed server.
| Topics | |
|---|---|
| Description | Links |
| Review requirements and special considerations |
|
| Verify and configure the proper SNMP properties in ILOM are set on the managed server |
|
Before You Begin
- To set SNMP properties in ILOM you must have the Admin role (a) enabled.
- The SNMP servericestate is enabled by default.
- To enable write access when using SNMP, the SNMP Set option must be enabled. This setting is disabled by default.
| Note - If the Set option is disabled in ILOM, all SNMP objects are read-only and no snmpset commands will be processed. |
- In ILOM there are three SNMP protocol version properties: v1, v2c, and v3. For v1 and v2c, "communities" are used for authentication. For v3, "users" are used for authentication. By default, v1 and v2c are disabled, even though there are default "communities" (public and private) provided. By default, v3 is enabled, but there are no pre-packaged users.
|
1. Log in to the ILOM web interface.
2. Select Configuration --> System Management Access --> SNMP.
The SNMP Settings page appears.
3. Select the State check box to enable the SNMP port.
When State is disabled, the SNMP port is blocked, prohibiting all SNMP communication between ILOM and the network.
4. Type the port number in the Port text field.
5. Leave the Engine ID field blank. This allows the default setting to be used.
The Engine ID is automatically set by the SNMP agent. While you can use this field to set the Engine ID, we recommend that you leave this field blank. The Engine ID uniquely identifies the SNMP engine and enables users to query the SNMP agent. You should only use this field to set the Engine ID if you are familiar with SNMP v3 security and how this setting is used.
6. Select or clear the Set Requests check box to enable or disable the Set Requests option.
If the Set Requests option is disabled, all SNMP objects are read-only and no snmpset commands will be processed.
7. Select a Protocols check box to enable SNMP v1, v2c, or v3.
SNMP v3 is enabled by default. You can enable or disable v1, v2c, and v3 protocol versions.
8. Click Save.
At the bottom of the SNMP Settings page, you can also add, edit, or delete SNMP communities or users, as shown in the following screen.
Managing SNMP User Accounts and Communities Using the ILOM Web Interface
After ensuring that the proper SNMP settings are enabled in ILOM, you need to configure SNMP user accounts and communities.
| Topics | |
|---|---|
| Description | Links |
| Configure user accounts using the web interface |
|
Before You Begin
Prior to performing the procedures in this chapter, you must ensure that the following requirements are met:
- To set user account CLI properties in ILOM, you need the User Management (u) role enabled.
- Verify that the proper SNMP settings are enabled in ILOM. For more details, see Enabling SNMP on Managed Server Using the CLI.
| Note - When working in the ILOM CLI, if the Sets parameter is disabled, all SNMP MIB objects are read-only. |
- To execute the snmpset command, you need to use an SNMP v1 or v2c community or an SNMP v3 user account with read/write (rw) privileges.
|
Follow these steps to add or edit an SNMP v1 or v2c community:
1. Log in to the ILOM web interface.
2. Select Configuration --> System Management Access --> SNMP.
Scroll to the bottom half of the SNMP Settings page to find the SNMP Communities dialog.
3. To add a community, click Add.
The SNMP Community dialog box appears.
4. To edit a community, do the following:
a. Select the appropriate community radio button
b. Click Edit.
The SNMP Community dialog box appears.
5. If you are adding a new community, type the name of the community in the Community Name field; otherwise proceed to the next step.
The community name can contain up to 35 characters. It must start with an alphabetic character and cannot contain a space.
6. Select read-only (ro) or read-write (rw) in the Permissions drop-down list.
7. Click Save.
|
Follow these steps to delete an SNMP v1 or v2c community:
1. Log in to the ILOM web interface.
2. Select Configuration --> System Management Access --> SNMP.
The SNMP settings page appears.
3. Click the Communities link or scroll down to the communities list.
4. Select the radio button of the SNMP community to delete.
5. Click Delete.
A confirmation dialog box appears.
6. Click OK to delete the SNMP community.
|
Follow these steps to add or edit a SNMP v3 user accounts.
| Note - User accounts are not applicable to SNMP v1 and v2c because communities are used to control access. |
1. Log in to the ILOM web interface.
2. Select Configuration --> System Management Access --> SNMP.
The SNMP Settings page appears.
3. Click the Users link to expand the SNMP Settings page and display SNMP Users.
4. To add an SNMP user, click Add.
The Add or Edit SNMP User dialog box appears.
5. To edit an SNMP user, do the following:
a. Select the appropriate user radio button
b. Click Edit.
The Add or Edit SNMP User dialog box appears.
6. If you are adding a user, type a user name in the User Name text field; otherwise proceed to the next step.
The user name can include up to 35 characters. It must start with an alphabetic character and cannot contain spaces.
7. Select either Message Digest 5 (MD5) or Secure Hash Algorithm (SHA) in the Authentication Protocol drop-down list.
8. Type a password in the Authentication Password text field.
The authentication password is case-sensitive and must contain 8 to 16 characters, with no colons or space characters.
9. Retype the authentication password in the Confirm Password text field.
10. Select read-only (ro) or read-write (rw) in the Permissions drop-down list.
11. Select DES or None in the Privacy Protocol drop-down list.
12. Type a password in the Privacy Password text field.
The privacy password is case-sensitive and must contain 8 to 16 characters, with no colons or space characters.
13. Retype the password in the Confirm Password text field.
14. Click Save.
|
Follow these steps to delete an SNMP v3 user account:
1. Log in to the ILOM web interface.
2. Select Configuration --> System Management Access --> SNMP.
The SNMP Settings page appears.
3. Click the Users link or scroll down to the SNMP Users list.
4. Select the radio button of the SNMP user account to delete.
5. Click Delete under the SNMP User’s List.
A confirmation dialog box opens.
6. Click OK to delete the user account.
Managing SNMP Traps Using the ILOM CLI
To receive notifications of SNMP traps, you must configure the proper alert rule properties in ILOM. Use the following information in this section to set the proper SNMP alert rules properties in the ILOM CLI.
| Topics | |
|---|---|
| Description | Links |
| Review requirements and special considerations |
|
| Configure SNMP trap settings in ILOM |
|
Before You Begin
- To create or edit alert rules in ILOM, you need the Admin (a) role enabled.
- When defining an SNMP trap alert for SNMP v3, the SNMP user name must be defined in ILOM as an SNMP user. If the user is not defined in ILOM as an SNMP user, the receiver of the SNMP alert will be unable to decode the SNMP alert message.
- For additional information about configuring alert management settings in ILOM, see the chapter about Managing System Alerts in the Integrated Lights Out Manager (ILOM) 3.0 Web Interface Procedures Guide or the Integrated Lights Out Manager (ILOM) 3.0 Concepts Guide.
|
1. Log in to the ILOM web interface.
2. Select Configuration --> Alert Management.
The Alert Settings page appears. This page shows a table of the alerts that you can configure. You can configure up to 15 alerts.
3. To create or modify an alert, select an alert radio button.
4. From the Actions drop-down list, select Edit.
The Create or Modify Alert dialog appears.
5. In the Level drop-down list, select the level of the alert.
6. In the Type drop-down list, select the alert type.
7. In the IP Address field, specify the alert destination IP address.
8. Click Save for your changes to take effect.
| Oracle Integrated Lights Out Manager (ILOM) 3.0 Management Protocols Reference Guide SNMP, IPMI, WS-Man, CIM | 820-6413-13 | |
Copyright © 2010, Oracle and/or its affiliates. All rights reserved.
Từ khóa » Snmp Ro Và Rw
-
Diffrence In Snmp RO And RW String For Discovery In Cisci LMS?
-
Differentiating Between RO And RW Snmp Communities In Prime
-
Must I Use SNMP RW? - Forum - Network Performance Monitor (NPM)
-
What Is An SNMP Community String? - KB Article · Customer Portal
-
1.4.6 Do Not Configure A Read Write SNMP Community String
-
Configuring Basic SNMP | Junos OS - Juniper Networks
-
Snmp-server Community
-
Snmp-server Community - Aruba Networks
-
SNMP - NVIDIA Networking Docs
-
Snmp-server Community - Commscope Technical Content Portal
-
What's New In 32.6.4.0 - Radware Support
-
SNMP Community Strings Tutorial And Monitoring Tool - DNSstuff
-
B-Series SAN Switches - How To Set Up And Test SNMP Traps