Juniper SRX EX QFX SNMP v3 配置案例

  最近有客户需要配置SNMP v3,之前没有配置过，找了Juniper 的官方文档看了下，个人觉得Juniper 的官方文档写的要么就是太细，要么就是重复的，对工程师来说是可以，对最终用户不是那么友好，现贴出SRX上snmp v3 的配置，供大家做个初始的配置。

稍微说明下：
snmp 用户名：testsnmp
秘钥：testsnmp
加密方式：MD5+DES

[edit snmp]
root# show
v3 {
usm {
local-engine {
user testsnmp {
authentication-md5 {
authentication-key "testsnmp"; ## SECRET-DATA
}
privacy-des {
privacy-key "testsnmp” ## SECRET-DATA
}
}
}
}
vacm {
security-to-group {
security-model usm {
security-name snmpuser {
group snmp-group;
}
}
}
access {
group snmp-group {
default-context-prefix {
security-model any {
security-level authentication {
read-view all;
write-view all;
}
}
}
}
}
}
}
view all {
oid 1. include;
}
set snmp v3 usm local-engine user testsnmp authentication-md5 authentication-key "testsnmp"
set snmp v3 usm local-engine user testsnmp privacy-des privacy-key "testsnmp"
set snmp v3 vacm security-to-group security-model usm security-name snmpuser group snmp-group
set snmp v3 vacm access group snmp-group default-context-prefix security-model any security-level authentication read-view all
set snmp v3 vacm access group snmp-group default-context-prefix security-model any security-level authentication write-view all
set snmp view all oid 1. include

配置后查看下snmp v3 的基本信息：

使用OidView 测试下使用连通性：
https://s1.51cto.com/images/blog/201712/29/22dfd7f97a283c6e6f3ab3a5a6a8be64.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)

测试通过，Bingo！！！