购买或续订
购买或续订
取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
搜索替代 
您的意思是: 
cancel
开始对话
2517
查看次数
9
有帮助
20
回复

思科三层汇聚交换机型号Catalyst 4506交换机配置snmpv3,求各位大佬怎么配置

查看解答
349797592@qq.com
Spotlight
Spotlight

发布时间 ‎11-21-2023 11:21 PM

Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.03.02.SG RELEASE SOFTWARE (fc1)
以上是通过show version交换机型号以及ios版本信息
麻烦各位大神看下这个snmpv3的脚本配置怎么配置,

目前的用户名字规划为 SNsec_user,组名为SNsec_group, 认证密码SECAutH@321,加密码SECmonitor@321
跪求各位大佬啊,这个型号的snmpv3配置好像官网找不到配置

标签:
0 有帮助
2 个已接受解答

已接受的解答

查看解答
349797592@qq.com
Spotlight
Spotlight
回复 Rps-Cheers

发布时间 ‎11-22-2023 07:27 PM

HQ38-S4506-F130#show version
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.03.02.SG RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Wed 24-Oct-12 00:32 by prod_rel_team

ROM: 15.0(1r)SG10
HQ38-S4506-F130 uptime is 2 years, 5 weeks, 6 days, 14 hours, 24 minutes
System returned to ROM by reload
System restarted at 12:58:53 UTC Tue Oct 12 2021
Running default software
Jawa Revision 7, Winter Revision 0x0.0x40

Last reload reason: Reload command

 

License Information for 'WS-X45-SUP7L-E'
License Level: entservices Type: Permanent
Next reboot license Level: entservices

cisco WS-C4506-E (MPC8572) processor (revision 6) with 2097152K/20480K bytes of memory.
Processor board ID FXS1935Q0MT
MPC8572 CPU at 1.5GHz, Supervisor 7L-E
Last reset from Reload
2 Virtual Ethernet interfaces
52 Gigabit Ethernet interfaces
2 Ten Gigabit Ethernet interfaces
511K bytes of non-volatile configuration memory.

Configuration register is 0x2101

----

HQ38-S4506-F130#show license feature
Feature name Enforcement Evaluation Clear Allowed Enabled
--------------------------------------------------------------------
entservices true true true true
ipbase true false true false
lanbase false false true false
internal_service true false true false

大神,信息如以上,谢谢大神

 

 

 

在原帖中查看解决方案

0 有帮助

查看解答
Rps-Cheers
VIP
VIP
回复 349797592@qq.com

‎11-27-2023 12:49 AM - 编辑日期 ‎11-27-2023 12:49 AM

是的,如果zabbix不能配置AES加密密码为空,那就需要在SW侧也配置加密密码,这样就需要将SW升级为K9的镜像文件,才能进行AES解密密钥的配置。

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

在原帖中查看解决方案

20 条回复20

查看解答
Rps-Cheers
VIP
VIP

发布时间 ‎11-22-2023 12:59 AM

你好;

可以参考一下:

snmp-server view ViewDefault iso included
snmp-server group SNsec_group v3 priv read ViewDefault
snmp-server user SNsec_user SNsec_group v3 auth sha SECAutH@321 priv aes 128 SECmonitor@321

Snipaste_2023-11-22_16-46-54.png

https://thwack.solarwinds.com/product-forums/engineers-toolset/f/forum/2971/how-to-properly-configure-snmpv3-in-cisco

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/XE3-8-0E/15-24E/configuration/guide/xe-380-configuration/snmp.html

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

查看解答
349797592@qq.com
Spotlight
Spotlight
回复 Rps-Cheers

发布时间 ‎11-22-2023 02:25 AM

亲,不对啊,
snmp-server view ViewDefault iso included
snmp-server group SNsec_group v3 priv read ViewDefault
snmp-server user SNsec_user SNsec_group v3 auth sha SECAutH@321 priv aes 128 SECmonitor@321

这个命令配置不上去,我试过了,呜呜呜

0 有帮助

查看解答
349797592@qq.com
Spotlight
Spotlight
回复 Rps-Cheers

发布时间 ‎11-22-2023 02:26 AM

看了官方文档,没整懂配置,球大神

0 有帮助

查看解答
Rps-Cheers
VIP
VIP
回复 349797592@qq.com

发布时间 ‎11-22-2023 05:46 AM

不会啊,配置不上的哪一条,问号后面问不出相关命令了吗? 如果只是看不到配置的话,是正常的,snmpv3不会存在配置里面,可以通过show snmp user检查。

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

查看解答
349797592@qq.com
Spotlight
Spotlight
回复 Rps-Cheers

发布时间 ‎11-22-2023 06:39 AM

HQ38-S4506-F130(config)#snmp-server view ViewDefault iso included
HQ38-S4506-F130(config)#snmp-server group SNsec_group v3 priv read ViewDefault
^
% Invalid input detected at '^' marker.

HQ38-S4506-F130(config)#snmp-server user SNsec_user SNsec_group v3 auth sha SECAutH@321 priv aes 128 SECmonitor@321
^
% Invalid input detected at '^' marker.

HQ38-S4506-F130(config)#

下面两条命令根本配置不上去,我也尝试过很多种方法

0 有帮助

查看解答
Rps-Cheers
VIP
VIP
回复 349797592@qq.com

发布时间 ‎11-22-2023 06:47 AM

问号一下具体是哪里没有关键字吗?

R40(config)#snmp-server group G1 v3 priv ?
access specify an access-list associated with this group
context specify a context to associate these views for the group
match context name match criteria
notify specify a notify view for the group
read specify a read view for the group
write specify a write view for the group
<cr>

R40(config)#snmp-server group G1 v3 priv re
R40(config)#snmp-server group G1 v3 priv read ?
WORD read view name

在SW上测试也是可以的,另外,你的引擎是什么型号呢?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

查看解答
349797592@qq.com
Spotlight
Spotlight
回复 Rps-Cheers

发布时间 ‎11-22-2023 06:50 AM

怎么查看引擎型号啊?忘记具体的命令,呜呜

 

0 有帮助

查看解答
Rps-Cheers
VIP
VIP
回复 349797592@qq.com

发布时间 ‎11-22-2023 06:15 PM

可以通过show module查看。

Switch# show module
Mod Ports Card Type Model Serial No.
----+-----+--------------------------------------+-----------------+-----------
1 2 1000BaseX (GBIC) Supervisor(active) WS-X4014 JAB054109GH
2 6 1000BaseX (GBIC) WS-X4306 00000110
3 18 1000BaseX (GBIC) WS-X4418 JAB025104WK

...

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/31sga/configuration/guide/config/pwr_envr.html

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

查看解答
349797592@qq.com
Spotlight
Spotlight
回复 Rps-Cheers

发布时间 ‎11-22-2023 06:19 PM


HQ38-S4506-F130#show modu
HQ38-S4506-F130#show module
Chassis Type : WS-C4506-E

Power consumed by backplane : 0 Watts

Mod Ports Card Type Model Serial No.
---+-----+--------------------------------------+------------------+-----------
1 6 Sup 7L-E 10GE (SFP+), 1000BaseX (SFP) WS-X45-SUP7L-E CAT1935L6W0
2 48 10/100/1000BaseT (RJ45) WS-X4648-RJ45-E JAE193902VD

M MAC addresses Hw Fw Sw Status
--+--------------------------------+---+------------+----------------+---------
1 188b.9de2.4d80 to 188b.9de2.4d85 3.1 15.0(1r)SG10 03.03.02.SG Ok
2 ecbd.1deb.b270 to ecbd.1deb.b29f 2.2 Ok

HQ38-S4506-F130#
你好,亲,查看到引擎是这个型号

show version的信息是这个:
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.03.02.SG RELEASE SOFTWARE (fc1)

就是纳闷了,这个配置 snmpv3真的没法配置上去.

 

0 有帮助

查看解答
Rps-Cheers
VIP
VIP
回复 349797592@qq.com

‎11-22-2023 07:20 PM - 编辑日期 ‎11-22-2023 07:27 PM

Table 1 LAN Base/IP Base/EnterpriseServices Image Support on Cisco Catalyst 4500E Supervisor Engine 7-E and Supervisor Engine 7L-E
Feature
LAN Base
IP Base
Enterprise Services

SNMPv3 - 3DES and AES Encryption Support

Yes

Yes

Yes

SNMPv3 (SNMP Version 3)

Yes

Yes

Yes

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/release/note/OL_26675-01.html

Note The priv keyword is available only when the crypto software image is installed.

可以看看完整的如下信息:

show version

show license feature

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/15-1/XE_330SG/configuration/guide/config/snmp.html#wp1076976

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

查看解答
349797592@qq.com
Spotlight
Spotlight
回复 Rps-Cheers

发布时间 ‎11-22-2023 07:27 PM

HQ38-S4506-F130#show version
Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.03.02.SG RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Wed 24-Oct-12 00:32 by prod_rel_team

ROM: 15.0(1r)SG10
HQ38-S4506-F130 uptime is 2 years, 5 weeks, 6 days, 14 hours, 24 minutes
System returned to ROM by reload
System restarted at 12:58:53 UTC Tue Oct 12 2021
Running default software
Jawa Revision 7, Winter Revision 0x0.0x40

Last reload reason: Reload command

 

License Information for 'WS-X45-SUP7L-E'
License Level: entservices Type: Permanent
Next reboot license Level: entservices

cisco WS-C4506-E (MPC8572) processor (revision 6) with 2097152K/20480K bytes of memory.
Processor board ID FXS1935Q0MT
MPC8572 CPU at 1.5GHz, Supervisor 7L-E
Last reset from Reload
2 Virtual Ethernet interfaces
52 Gigabit Ethernet interfaces
2 Ten Gigabit Ethernet interfaces
511K bytes of non-volatile configuration memory.

Configuration register is 0x2101

----

HQ38-S4506-F130#show license feature
Feature name Enforcement Evaluation Clear Allowed Enabled
--------------------------------------------------------------------
entservices true true true true
ipbase true false true false
lanbase false false true false
internal_service true false true false

大神,信息如以上,谢谢大神

 

 

 

0 有帮助

查看解答
Rps-Cheers
VIP
VIP
回复 349797592@qq.com

发布时间 ‎11-22-2023 07:37 PM

大体从show version能够判断一下:目前是cat4500e-UNIVERSAL-M的镜像,应该要cat4500e-UNIVERSALK9-M的镜像可能才支持pri关键字。如前所述:

Note The priv keyword is available only when the crypto software image is installed.

所以如果需要按前面的命令配置,需要更换镜像。当然,你可以再明确一下现在的镜像:

show run | i boot

show bootvar

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 有帮助

查看解答
349797592@qq.com
Spotlight
Spotlight
回复 Rps-Cheers

发布时间 ‎11-22-2023 07:31 PM

QQ图片20231123113333333333333333333333333013.png

0 有帮助

查看解答
Rps-Cheers
VIP
VIP
回复 349797592@qq.com

发布时间 ‎11-22-2023 07:59 PM

license也是如此,如下红框内的相同版本的image应该是可以支持的。

Snipaste_2023-11-23_11-58-16.png

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
快捷链接

浏览社区快速链接并以您的母语获取个性化内容:

发布或浏览文章 分享想法或新闻 观看我们的所有视频
Customers Also Viewed These Support Documents