000037655 - How to add a second SNMP Security Name (Trap User) in RSA Authentication Manager 8.x

Document created by RSA Customer Support Employee on Jul 2, 2019Last modified by RSA Customer Support Employee on Jul 8, 2019
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000037655
Applies ToRSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.3, 8.4
IssueThere is one Nagios SNMP monitoring station to receive SNMP traps in the deployment, but there is a request to have Qualys scans/SNMP credential scans use a separate Security Name or UserID
 
SNMP setup
 

This article provides steps of adding another SNMP user by editing the /etc/snmp/snmpd.conf on the Authentication Manager server since the user interface does not allow this.
TasksTo complete this process you will need to:
  1. Stop the snmpd service.
  2. Duplicate the proxy line in /etc/snmp/snmpd.conf with the new user.
  3. Run the /usr/bin/net-snmp-config script to create the new user.
  4. Start the snmpd service.
Resolution
  1. Stop the snmpd service:
    1. Launch an SSH client, such as PuTTy.
    2. Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.

Note that during Quick Setup another user name may have been selected. Use that user name to login.



  1. At the command line, run:


# /etc/init.d/snmpd stop


  1. Using a text editor such as vi, duplicate the proxy line in /etc/snmp/snmpd.conf with the new user; for example, Qualysuser:


proxy -v 3 -u Qualysuser; -l authPriv -a MD5 -A AuthPWD1! -x DES -X PrivPWD1! 127.0.0.1:8002 .1.3.6.1.4.1.2197


  1. Run the /usr/bin/net-snmp-config script to create the new user


/usr/bin/net-snmp-config --create-snmpv3-user -ro -A support1! -X support1! -a MD5 -x DES Qualysuser


  1. Start snmpd service


# /etc/init.d/snmpd start



snmpd_stop


You can now snmp get or snmpwalk with two userIDs
snmp_walk_2nd_userID

Attachments

    Outcomes