SNMPv3 user configuration in the 1830 VWM device

Perform the following to configure a new SNMPv3 user in the 1830 VWM device, if required.

1. Open a CLI session on the device.

2. Enter the following commands in the order shown to create a read-write-notify group for general SNMP mediation on the managed device:

   # config admin snmpusers add “SNMPv3_user” admin auth sha “password” priv des “password”

   # config admin snmpuser edit “SNMPv3_user” status enabled

   where

   SNMPv3_user is the name to assign to the new SNMPv3 user

   password is the password of the new SNMPv3 user.

3. Close the CLI session.

SNMPv3 user configuration in the NFM-P

Note: See the section on NE user and device security in the NSP System Administrator Guide for specific information about creating and configuring NE users.

Perform the following to configure an SNMPv3 user in the NFM-P.

1. Choose Administration→Security→NE User Configuration from the NFM-P main menu. The NE User Configuration form opens.

2. Click Create. The NE User (Create) form opens.

3. Enter the SNMPv3_username value from Step 1 or the default user name as the User Name.

4. Check the SNMP option of the Access parameter.

5. Click on the SNMPv3 tab and configure the parameters as follows:

   • Choose SHA as the Authentication Protocol.

   • Choose AES 128 as the Privacy Protocol.

   • Enter the password provided in Step 1 or the default password.

6. Save your changes and close the form.

Mediation policy configuration

Note: The 1830 VWM discovery rule requires the SNMPv3 read, write, and security access mediation policies and SNMPv2 trap access mediation policy.

Choose Administration→Mediation from the NFM-P main menu. The Mediation (Edit) form opens.

Configure the parameters on the General tab and verify the SNMP trap destination parameters in the SNMP Trap panel.

Click on the Mediation Security tab and click Create. The Mediation Policy (Create) form opens.

Configure the Policy ID and Displayed Name parameters.

Perform the following to configure the SNMPv3 mediation policy.

1. Configure the Security Model parameter to SNMPv3 (USM).

2. Select the required SNMPv3 user in the SNMPv3 panel.

Perform the following to configure the SNMPv2 mediation policy.

1. Configure the Security Model parameter to SNMP v2c.

2. Configure the Community String parameter in the SNMP v1/v2c panel.

   The community string configured in the NFM-P is automatically added in the node.

Configure the parameters in the SNMP panel. The Table 9-2, SNMP timeout lists the recommended values for Timeout (milliseconds) and Retry parameters.

Table 9-2: SNMP timeout

Save your changes and close the form.

Discovery of the 1830 VWM device

Choose Administration→Discovery Manager from the NFM-P main menu. The Discovery Manager form opens.

Click Create to configure a new discovery rule. The Create Discovery Rule step form opens.

Configure the required parameters in the Specify General Attributes step and click Next. The Add Rule Elements step form opens.

Click Create, configure the required IP parameters, and click OK. The rule element is added to the list.

Click Next. The Add Auto Discovery Rule Elements ACL step form opens.

Click Create, configure the required IP parameters, and click OK.

Click Next and the Configure Mediation Security step form opens.

Click Select in each of the following panels to specify the mediation security policies. Choose the SNMPv3 mediation security policy for read, write, and security access mediation policies and choose the SNMPv2 mediation policy for trap access mediation policy.

• Read Access Mediation Policy

• Write Access Mediation Policy

• Trap Access Mediation Policy

• Security Access Mediation Policy

Note: If you do not specify a policy, the default policy is applied.

Click Finish to close the Create Discovery Rule form.

Apply your changes in the Discovery Manager form. If the Administrative State of the newly created discovery rule is set to Up, the NFM-P scans the network using the discovery rule.

End of steps