The SNMPv3 traps are simply SNMPv2 traps with added authentication and privacy capabilities. The SNMPv3 adapter requires the user and engineID configured in the snmptrapd.conf file.
To enable SNMP version 3 support, you must edit the configuration file to create a user and tie that user to the engine ID sending traps. You must also grant authorization to the user.
1 In the snmptrapd.conf file, located in the MCELL_HOME\etc directory, create the following line:
createUser -e ENGINEID myuser authenticationType "my authentication pass" encryptionType "my encryption pass"
where:
_ ENGINEID is the EngineID of the application that will send the trap. (see below)
_ myuser is the USM username that will send the trap.
_ authenticationType is the authentication type (SHA or MD5; SHA is preferred)
_ "my authentication pass" is the authentication pass-phrase to use to generate the secret authentication key. Enclose it in quotation marks if it contains spaces.
_ encryptionType is the encryption type to use (AES or DES, AES is preferred)
_"my encryption pass" is the encryption pass-phrase to use to generate the secret encryption key. Enclose it in quotation marks if it contains spaces. If you do not specify an encryption pass-phrase, the encryption pass-phrase will be set to the
same pass-phrase as the authentication pass-phrase.
Plain text will also work
If customer wants to provide in encrypted format then they need to get it from vendor. Paste in the encrypted hex values provided by your SNMP team. Your SNMP team would provide this info, as it is the user encoding they would be using for the security in the traps that they would be sending.
2 Save the file.
Granting user authorization
1 In the snmptrapd.conf file, located in the MCELL_HOME\etc directory, create the following line:
authUser log,net myuser
Note:
If you want to receive version 3 traps sent with noAuthNoPriv, you'll need to add noauth
to the authUser line. For example:
authUser log,net myuser noauth
2 Save the file.
Here is an example of MCELL_HOME/etc/snmptrapd.conf
#createUser -e 0x8000000001020304 netadmin SHA 0x78d611ccc8c0b19a1d782891ce2aaba8b7f2c5fc AES 0x78d611ccc8c0b19a1d782891ce2aaba8
#authuser log netadmin