SNMPv2c to SNMPv3 proxy#
In this configuration SNMP Proxy Forwarder performs translation between SNMP versions.
You could test this configuration by running:
$ snmpwalk -v2c -c public 127.0.0.1:1161 system
Server configuration#
Server is configured to:
listen on UDP socket at localhost
respond to queries performed as an SNMPv2c SNMP agent
forward all queries to snmpfwd client through an unencrypted trunk connection running in client mode
#
# SNMP forwarder: Agent part configuration
#
config-version: 2
program-name: snmpfwd-server
snmp-credentials-group {
snmp-engine-id: 0x0102030405070809
snmp-transport-domain: 1.3.6.1.6.1.1.100
snmp-bind-address: 127.0.0.1:1161
snmp-security-model: 2
snmp-security-level: 1
snmp-community-name: public
snmp-security-name: public
snmp-credentials-id: snmp-credentials
}
context-group {
snmp-context-engine-id-pattern: .*?
snmp-context-name-pattern: .*?
snmp-context-id: any-context
}
content-group {
snmp-pdu-type-pattern: .*?
snmp-pdu-oid-prefix-pattern-list: 1\.3\.6\..*?
snmp-content-id: any-content
}
peers-group {
snmp-transport-domain: 1.3.6.1.6.1.1.100
snmp-bind-address-pattern-list: .*?
snmp-peer-address-pattern-list: .*?
snmp-peer-id: 100
}
trunking-group {
trunk-bind-address: 127.0.0.1
trunk-peer-address: 127.0.0.1:30301
trunk-ping-period: 60
trunk-connection-mode: client
trunk-id: trunk-1
}
routing-map {
matching-snmp-context-id-list: any-context
matching-snmp-content-id-list: any-content
route-1 {
matching-snmp-credentials-id-list: snmp-credentials
matching-snmp-content-id-list: any-content
matching-snmp-peer-id-list: 100
using-trunk-id-list: trunk-1
}
}
Download server configuration file.
Client configuration#
Client is configured to:
listen on server-mode unencrypted trunk connection
process all incoming SNMP messages in the same way
place inbound PDUs into SNMPv3 messages and forward them to public SNMP agent running at demo.pysnmp.com
#
# SNMP forwarder: Manager part configuration
#
config-version: 2
program-name: snmpfwd-client
peers-group {
snmp-engine-id: 0x0102030405070809
snmp-transport-domain: 1.3.6.1.6.1.1.1
snmp-bind-address: 0.0.0.0
snmp-security-model: 3
snmp-security-level: 3
snmp-security-name: usr-md5-des
snmp-usm-user: usr-md5-des
snmp-usm-auth-protocol: md5
snmp-usm-auth-key: authkey1
snmp-usm-priv-protocol: des
snmp-usm-priv-key: privkey1
# time out SNMP request in 1 second
snmp-peer-timeout: 100
snmp-peer-retries: 0
snmp-peer-address: 104.236.166.95:161
snmp-peer-id: snmplabs-v1
}
trunking-group {
trunk-bind-address: 127.0.0.1:30301
trunk-ping-period: 60
trunk-connection-mode: server
trunk-id: <discover>
}
original-snmp-peer-info-group {
orig-snmp-bind-address-pattern: .*?
orig-snmp-context-name-pattern: .*?
orig-snmp-pdu-type-pattern: .*?
orig-snmp-oid-prefix-pattern: .*?
orig-snmp-engine-id-pattern: .*?
orig-snmp-context-engine-id-pattern: .*?
orig-snmp-transport-domain-pattern: .*?
orig-snmp-peer-address-pattern: .*?
orig-snmp-security-level-pattern: .*?
orig-snmp-security-name-pattern: .*?
orig-snmp-security-model-pattern: .*?
orig-snmp-peer-id: manager-1
}
server-classification-group {
server-snmp-credentials-id-pattern: .*?
server-snmp-context-id-pattern: .*?
server-snmp-content-id-pattern: .*?
server-snmp-peer-id-pattern: .*?
server-classification-id: any-classification
}
routing-map {
matching-trunk-id-list: trunk-1
matching-orig-snmp-peer-id-list: manager-1
matching-server-classification-id-list: any-classification
using-snmp-peer-id-list: snmplabs-v1
}
Download client configuration file.