HPE Community
IMC
1753809 Members
7692 Online
108805 Solutions
New Discussion юеВ

Re: Guide for Configuring Procurve Switches to Communicate with IMC

 
SOLVED
Go to solution
TKS
Occasional Contributor

тАО04-29-2013 03:56 PM

тАО04-29-2013 03:56 PM

Guide for Configuring Procurve Switches to Communicate with IMC

I have installed IMC 5.0 Standard Edition (Server 2008 R2, SQL 2K8R2) and can log into the management console.

 

I have added the necessary SNMPV3 and SSH settings to my IMC.

 

I have done a manual add of the my core switch (8212zl chassis) it can ping the chassis but does not pull any of the configuration down, from what i can tell it uses SNMP for this purpose.

 

I have gone back through and rebuilt my SNMP settings on the core switch to reflect the the IMC Server details.

 

My SNMP settings from my config file look like this

 snmpv3 enable
 snmpv3 only
 snmpv3 restricted-access
 snmpv3 group ManagerPriv user "NetAdmin" sec-model ver3
 snmpv3 group OperatorAuth user "NetOp" sec-model ver3
 snmpv3 notify "Note_NetAdmin" tagvalue "Tag_NetAdmin"
 snmpv3 notify "Note_NetOp" tagvalue "Tag_NetOp"
 snmpv3 targetaddress "TA_NetAdmin" params "Param_NetAdmin" 10.2.0.251 taglist "Tag_NetAdmin"
 snmpv3 targetaddress "TA_NetOp" params "Param_NetOp" 10.2.0.251 taglist "Tag_NetOp"
 snmpv3 params "Param_NetAdmin" user "NetAdmin" sec-model ver3 message-processing ver3 priv
 snmpv3 params "Param_NetOp" user "NetOp" sec-model ver3 message-processing ver3 auth
 logging 10.1.0.230
 logging 10.2.0.251
 logging severity warning
 no telnet-server
 no web-management
 ip authorized-managers 10.1.0.0 255.255.0.0 access manager
 ip authorized-managers 10.2.0.0 255.255.0.0 access manager
 ip authorized-managers 10.150.1.251 255.255.255.255 access manager
 ip authorized-managers 10.150.1.254 255.255.255.255 access manager
 snmp-server host 10.1.0.230 community "public"
 snmpv3 user "NetAdmin"
 snmpv3 user "NetOp"

 

Now the IMC Server sits in a authorized managers subnet so i can connect to the server, i have used putty and verifiied that this works.

 

my SNMPV3 users are configured for SHA for Authentication and AES-128 for Privacy.

 

From what i have read in the manual for the switch my SNMP settings look good, as i understand the steps for snmpv3 are

  • Create User
  • Assign User to Group
  • create notify item
  • create targetaddress supplying a Params and a tag list that matches the tag list from the notify item
  • create the param that makes the names supplied in the target address

have i missed a step, is there something wrong with the config, is there a way to test snmp outside of IMC.

 

thanks.

0 Kudos
3 REPLIES 3
LindsayHill
Honored Contributor

тАО04-29-2013 06:30 PM

тАО04-29-2013 06:30 PM

Solution

Re: Guide for Configuring Procurve Switches to Communicate with IMC

Firstly, I would _strongly_ recommend you upgrade IMC to 5.2. 5.0 was released a while ago, and there's been a lot of improvements since then. I think you'll much prefer the new version.

Next, to test SNMPv3, I would probably get hold of an snmpwalk binary for your IMC server, and manually run snmpwalk from there. This lets you test that SNMPv3 is working, without involving IMC.
__
@northlandboy
TKS
Occasional Contributor

тАО04-30-2013 06:36 PM

тАО04-30-2013 06:36 PM

Re: Guide for Configuring Procurve Switches to Communicate with IMC

Thanks for the suggestions, i found a copy of SNMPWALK and using a clean switch i was able to set through the SNMPV3 settings until i worked out what the issue is.

 

The problem was i had a $ sign in my privacy password which it did not like..

 

So for some reason the OLD Procurve Tools would use the $ sign but the HP IMC would not.

 

So everything else i did was correct, glad to know i was not going crazy and now i know how to use SNMPWALK to that's another tool for the tool chest.

 

 

 

 

0 Kudos
LindsayHill
Honored Contributor

тАО04-30-2013 07:45 PM

тАО04-30-2013 07:45 PM

Re: Guide for Configuring Procurve Switches to Communicate with IMC

Good to hear you figured it out! Sometimes with certain special characters you can use them, but you need to do special things when you enter it - e.g. I know on Cisco devices, you need to use Ctrl+V before entering "?" as part of a password.

Using @ in SNMP strings is also problematic, for different reasons.

Like you say, knowing how to use snmpwalk is another useful skill. One thing I do with snmpwalk is add "system" at the end, so it just walks the "system" part of the MIB tree. Then you only get 5-10 lines back, rather than 10,000!
__
@northlandboy
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.