Notes on SNMP
Notes on SNMP
- In XCP 4030 and XCP 3120, to use the SNMPv3 agent, the default encryption protocol was changed for security reasons to Advanced Encryption Standard (AES). When Data Encryption Standard (DES) is used for the encryption protocol, we recommend changing the setting to AES.
- When using the SNMPv3 agent, after setting up the authentication protocol and the encryption protocol using the setsnmp(8) command, be sure to set up User-based Security Model (USM) management information using the setsnmpusm(8) command and View-based Access Control Model (VACM) management information using the setsnmpvacm(8) command. Specification of the authentication protocol and the encryption protocol is required in the SNMPv3 agent setup process. Moreover, the password, set up when executing the setsnmp(8) and setsnmpusm(8) commands, will also be necessary.
- If a server, on which the SNMP manager is not running, is registered as the inform trap host of SNMPv3, execution of setsnmp(8), setsnmpusm(8) or setsnmpvacm(8) commands may output the "Agent restart failed" message. This message is output when there is an abnormality in the restarting of the SNMP agent, but as the SNMP agent works properly even if this messages is output, it has no effect on the system. Register the trap host after the SNMP manager had been started.
- If the setsnmp(8) command is executed with the addtraphost or addv3traphost operand and a trap host is registered with the host name consisting of 16 or more characters, the UDP address of the trap that is reported to the trap host, becomes the IP address that is assigned to the XSCF-LAN (physical IP address), instead of the takeover IP address (virtual IP address). This symptom occurs when a takeover IP address is set up.
If the host name of the trap host consists more than 16 characters, register the trap host with its IP address, not its host name.
[Workaround]
If a host name with more than 16 characters has already been registered, execute the setsnmp(8) command with either the remtraphost or remv3traphost operand to remove the trap host and register the trap host again with the IP address. - When the trap host is registered with the setsnmp(8) command, the following message may be output.
| iptables v1.4.7: host/network 'example.com' not found Try 'iptables -h' or 'iptables --help' for more information. |
- This message indicates that the name resolution has not been executed for the host name of the registered host.
Although the trap host has been properly registered, traps are not reported to the trap host as name of the trap host could not be resolved.
Set up the name server by executing the setnameserver(8) command and conduct name resolution for the target host.
< Previous Page | Next Page >