Juniper SRX EX QFX SNMP v3 配置案例

  最近有客戶需要配置SNMP v3,之前沒有配置過，找了Juniper 的官方文檔看了下，個人覺得Juniper 的官方文檔寫的要麼就是太細，要麼就是重複的，對工程師來說是可以，對最終用戶不是那麼友好，現貼出SRX上snmp v3 的配置，供大家做個初始的配置。

稍微說明下：
snmp 用戶名：testsnmp
祕鑰：testsnmp
加密方式：MD5+DES

[edit snmp]
root# show
v3 {
usm {
local-engine {
user testsnmp {
authentication-md5 {
authentication-key "testsnmp"; ## SECRET-DATA
}
privacy-des {
privacy-key "testsnmp” ## SECRET-DATA
}
}
}
}
vacm {
security-to-group {
security-model usm {
security-name snmpuser {
group snmp-group;
}
}
}
access {
group snmp-group {
default-context-prefix {
security-model any {
security-level authentication {
read-view all;
write-view all;
}
}
}
}
}
}
}
view all {
oid 1. include;
}
set snmp v3 usm local-engine user testsnmp authentication-md5 authentication-key "testsnmp"
set snmp v3 usm local-engine user testsnmp privacy-des privacy-key "testsnmp"
set snmp v3 vacm security-to-group security-model usm security-name snmpuser group snmp-group
set snmp v3 vacm access group snmp-group default-context-prefix security-model any security-level authentication read-view all
set snmp v3 vacm access group snmp-group default-context-prefix security-model any security-level authentication write-view all
set snmp view all oid 1. include

配置後查看下snmp v3 的基本信息：

使用OidView 測試下使用連通性：
http://i2.51cto.com/images/blog/201712/29/22dfd7f97a283c6e6f3ab3a5a6a8be64.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)

測試通過，Bingo！！！