1. No category

Avaya Aura (TM) SM and SMGR SNMP Whitepaper

Avaya Aura™ Session Manager R5.2 – SNMP Agent
Whitepaper - Issue 1.1
Abstract
This Application Note covers in some detail the SNMP capabilities of the Session Manager
server. The System Manager application provides the SNMP trap generation capabilities and
is covered here as well.
Author: DV;
Reviewed:
Date (05/04/2010)
GCS Security
©2010 Avaya Inc. All Rights Reserved.
1 of 8
AvayaAuraSesMgrSNMPWhitepaper.doc
CID:146008
Table of Contents
1.
OVERVIEW .......................................................................................................................... 3
2.
SNMP V1/V2C AGENT ON SESSION MANAGER ........................................................ 3
2.1.
3.
SUPPORTED MIB GROUPS ................................................................................................ 3
SYSTEM MANAGER SNMP SUPPORT FOR SESSION MANAGER......................... 3
3.1. SNMP V3 AGENT ............................................................................................................ 3
3.1.1.
Customizing SNMPv3 users .................................................................................... 4
3.2. SNMP ALARM TRAPS ...................................................................................................... 6
3.3. CONFIGURATION OF SNMP TRAP DESTINATIONS ............................................................ 6
4.
APPENDIX A: SUPPORTED MIBS .................................................................................. 7
Author: DV;
Reviewed:
Date (05/04/2010)
GCS Security
©2010 Avaya Inc. All Rights Reserved.
2 of 8
AvayaAuraSesMgrSNMPWhitepaper.doc
CID:146008
1. Overview
This application note describes the SNMP manageability for the Avaya Aura™ Session Manager
server, and the associated Avaya Aura™ System Manager server.
For Release 5.2, Session Manager provides a basic OS-level SNMP agent for basic IP discovery
and OS platform state of health purposes. SNMP alarm trapping is provided by the System
Manager application using INADS MIB-based alarm traps.
Applicable MIBs for the Session Manager solution can be found in the appendix of this
document.
2. SNMP v1/v2c Agent on Session Manager
As shipped from the factory, the Session Manager server does not provide SNMP discovery. A
tool is provided to enable/disable the SNMP agent on the Session Manager server. This agent
only supports SNMPv1 & SNMPv2c. Refer to Chapter 7 of the Maintaining and
Troubleshooting Avaya Aura Session Manager documentation available on support.avaya.com
(http://support.avaya.com/css/P8/documents/100068103) for details on how to set up the SNMP
Agent on Session Manager.
2.1. Supported MIB Groups
The SNMP agent on Session Manager provides basic IP discovery and platform monitoring
capabilities. No application specific data is accessible via the SNMP agent.
Session Manager supports the following:
 SNMPv2-MIB
 IFC-MIB
 TCP-MIB
 UDP-MIB
 HOST-RESOURCES-MIB, with the exception of the HOST-RESOURCESMIB::hrSWRun and HOST-RESOURCES-MIB::hrSWInstalled MIB groups.
3. System Manager SNMP Support for Session Manager
3.1. SNMP v3 Agent
The System Manager server also provides a basic SNMPv3 agent. The SNMP agent is enabled
by default using the following SNMP v3 credentials:


User: initial
Password: avaya123
Author: DV;
Reviewed:
Date (05/04/2010)
GCS Security
©2010 Avaya Inc. All Rights Reserved.
3 of 8
AvayaAuraSesMgrSNMPWhitepaper.doc
CID:146008



Authentication Protocol: MD5
Privacy Protocol: AES
Security Level: authPriv
3.1.1. Customizing SNMPv3 users
NOTE: Changes made to SNMPv3 users on a System Manager server will not be retained
when the System Manager template is upgraded. The customizations made to SNMPv3 users
will need to be run again after an upgrade of the System Manager template is executed.
SNMPv3 user modifications are also not backed up as part of a System Manager backup.
3.1.1.1 Create an SNMPv3 user cloned from “initial”
The following steps describe how to create a new user cloned from the default “initial” user,
which is also of type AuthPriv, authProtocol MD5, and privProtocol AES. The example below
creates‘v3user’ as the cloned user.
1. Add an entry for the new user in /etc/snmp/snmpd.conf file:
rwuser v3user
2. Restart the snmpd service. The service will need to be running before the next step.
# service snmpd restart
3. Clone the user initial to the new user added above (i.e. v3user):
# snmpusm -v 3 -u initial -n "" -l authPriv -a MD5 -A avaya123 -x AES \
-X avaya123 localhost create v3user initial
3.1.1.2 Create an SNMPv3 user with non-default settings
To create an SNMPv3 user having different security levels or the having the same security levels
but different authProtocol or privProtocol values than the existing initial user, you can use the
‘createUser’ command in the /var/net-snmp/snmpd.conf file.
1. Prior to making changes to the snmpd.conf file, the SNMP service (snmpd) should be
stopped:
# service snmpd stop
2. Add an entry for the new user in /etc/snmp/snmpd.conf file:
rwuser v3user
3. Add an entry to the /var/net-snmp/snmpd.conf file for the new user you wish to create.
Below is an example of the ‘createUser’ command to create a new user with the name of
“v3user”:
createUser v3user MD5 avaya123 AES avaya123
Author: DV;
Reviewed:
Date (05/04/2010)
GCS Security
©2010 Avaya Inc. All Rights Reserved.
4 of 8
AvayaAuraSesMgrSNMPWhitepaper.doc
CID:146008
where,
‘v3user’ is the user name
‘MD5’ is the Authentication Protocol
‘avaya123’ is the authentication password
‘AES’ is the Privacy Protocol
‘avaya123’ is the privacy password.
4. Restart the SNMP service (snmpd):
# service snmpd start
5. Reload the SNMP configuration:
# service snmpd reload
3.1.1.3 Modify an SNMPv3 User
After cloning a user or creating a new user, the authKey and privKey should be set to something unique
for that user. The following steps explain how to set these values.
1. The command syntax for setting authKey and privKey to use the same value (e.g. avaya456)
for a user is shown below:
# snmpusm -v 3 -u v3user -n "" -l authPriv -a MD5 -A avaya123 -x AES -X avaya123
localhost passwd avaya123 avaya456
Where:
“v3user” is the SNMPv3 username
“avaya123” is the current Authentication Password (key) and current Privacy Password (key)
“avaya456” is the new Authentication Password (key) and new Privacy Password (key)
2. The command syntax for setting the authKey only is shown below:
# snmpusm -v 3 -u v3user -n "" -l authPriv -a MD5 -A avaya123 -x AES -X avaya234
localhost -Ca passwd avaya123 avaya456
Where:
“v3user” is the SNMPv3 username
“avaya123” is the current Authentication Password (key)
“avaya234” is the current Privacy Password (key)
“avaya456” is the new Authentication Password (key)
3. The command syntax for setting the privKey only is shown below:
# snmpusm -v 3 -u v3user -n "" -l authPriv -a MD5 -A abcd1234 -x AES -X avaya123
localhost -Cx passwd avaya123 1234abcd
Author: DV;
Reviewed:
Date (05/04/2010)
GCS Security
©2010 Avaya Inc. All Rights Reserved.
5 of 8
AvayaAuraSesMgrSNMPWhitepaper.doc
CID:146008
Where:
“v3user” is the SNMPv3 username
“abcd1234” is the current Authentication Password (key)
“avaya123” is the current Privacy Password (key)
“1234abcd” is the new Privacy Password (key)
3.1.1.4 Delete User
A user can be deleted using snmpusm with the delete user option:
# snmpusm -v 3 -u v3user -n "" -l authPriv -a MD5 -A avaya123 -x AES -X
avaya234 localhost delete v3user
Where:
“v3user” is the SNMPv3 username
“avaya123” is current Authentication Password (key)
“avaya234” is the current Privacy Password (key)
3.2. SNMP Alarm Traps
Traps generated by System Manager are sent via the Secure Access Link enterprise running on
the System Manager server. As alarms are received by System Manager, it will forward those
alarms to SNMP Trap Destination(s) using the INADS Alarm MIB.
The main thing to note here is that in the System Manager case, the inadssnmpAlarmMessage is
a free-form text field. This field contains whatever text is in the alarm record Description field
within the System Manager user interface. For Session Manager, these descriptions contain an
Alarm Event ID (i.e. OP_MMTC_20021), a timestamp, and a brief description of the alarm.
More details about the Alarm Event IDs can be found in Appendix A of the Maintaining and
Troubleshooting Avaya Aura™ Session Manager document which can be downloaded from
support.avaya.com (http://support.avaya.com/css/P8/documents/100068103).
3.3. Configuration of SNMP Trap Destinations
Log into the System Manager web interface:
1. Select Settings > Service Profile Management > AlarmManagementService1.0 >
AlarmMgmt
2. Click on the Edit button.
3. Set the nms.forward field to true
4. Set the nms.urls field to contain a list of IP Address:Port combinations for each SNMP
trap destination. The list of IP/port combinations should be enclosed in brackets and
separated by a comma, i.e. [ 10.20.30.5:162,10.20.30.6:162 ]
The above example causes traps to be sent to both trap receivers in the list.
5. Click on Commit to save the changes.
Author: DV;
Reviewed:
Date (05/04/2010)
GCS Security
©2010 Avaya Inc. All Rights Reserved.
6 of 8
AvayaAuraSesMgrSNMPWhitepaper.doc
CID:146008
6. At this point, the System Manager services need to be restarted. This will be disruptive
to any active System Manager user interface sessions. The restart is done by logging
into the System Manager with root permissions, then executing the following command:
# /sbin/service jboss restart
Once the command has been entered, it will take about 10 minutes for services to shut down and
restart. This completes the required procedures to set up SNMP traps for Session Manager
alarms.
4. Appendix A: Supported MIBS
The MIBs supported by the Session Manager and System Manager SNMP agents are shown in
the table below. The MIB files themselves are included here for convenience. The MIB file can
be viewed using WordPad.
MIB
RFC
MIB ASN1 File
Notes
(1) MIB-II
RFC3418
MIB-II
(2) SNMP-IF-MIB
RFC1229
SNMP Interface Support
(3) SNMP-TCP-MIB
RFC4022
Module to support TCP
implementations
(4) SNMP-UDP-MIB
RFC4113
Module to support UDP
implementations
(5) HOSTRESOURCES
RFC2790
IETF Host Resources MIB
(6) INADS-ALARM
N/A
(7) AVAYAGENERAL
N/A
(8) SYSTEMMANAGER
N/A
Author: DV;
Reviewed:
Date (05/04/2010)
GCS Security
©2010 Avaya Inc. All Rights Reserved.
INADS alarm trap
definition for SNMP traps
forwarded from System
Manager server. (SysMgr
only)
Contains the Avaya root
MIB tree definition –
required by INADSALARM MIB. (SysMgr
only)
System Manager application
enterprise specific MIB
(SysMgr only)
7 of 8
AvayaAuraSesMgrSNMPWhitepaper.doc
CID:146008
©2010 Avaya Inc. All Rights Reserved.
Avaya and the Avaya Logo are trademarks of Avaya Inc. All trademarks identified by ® and ™
are registered trademarks or trademarks, respectively, of Avaya Inc. All other trademarks are the
property of their respective owners. The information provided in these Application Notes is
subject to change without notice. The configurations, technical data, and recommendations
provided in these Application Notes are believed to be accurate and dependable, but are
presented without express or implied warranty. Users are responsible for their application of any
products specified in these Application Notes.
Author: DV;
Reviewed:
Date (05/04/2010)
GCS Security
©2010 Avaya Inc. All Rights Reserved.
8 of 8
AvayaAuraSesMgrSNMPWhitepaper.doc
CID:146008

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz