Under one of the following situations you may want to use SNMPv3 with localized key:
To generate the localized key for SNMPv3 an external script/tool is required.There are many tools/scripts available using python/perl script for snmp key generation. Also Linux/Ubuntu offers an utility called "snmpkey" which can be used as well. Following example is with 'snmpkey'
1. First below information needs to be collected from ASG/ProxySG/SGVA device .
Below is an example of a SNMPv3 user configuration on SG
2. By opening an CLI prompt Linux / ubuntu system and typing 'snmpkey' will confirm whether this utility is present or not and appropriate command format for 'snmpkey'
Usage: snmpkey <authProto> <password> <authEngineID> [<privProto> [<password>]]
<authProto> = md5|sha
<privProto> = des|3des|aes
An actual command with all the parameters will generate outputs like below
$ snmpkey md5 asdf1234 80000D590430303131333133323737 des 1234asdf
As an example auth password was used here asdf1234 and privacy password was used 1234asdf. The output here is the localized key that can be used on the SG
3. Copy over the authKey & privKey from the previous step but without the beginning '0x'. Navigate under proxySG --> Maintenance --> SNMP --> SNMPv3 users --> edit the user account that was created in step 1 . Then set the authKey and privKey from step 2 under Set Localized Keys --> engine ID 'self' --> edit
4. At this step SNMPv3 is ready to test with localized key. There are many SNMP tools/utility available online.Following is an example of testing snmpv3 using 'snmpwalk'
$ SnmpWalk -r:10.169.102.82 -v:3 -sn:bcoat -aw:asdf1234 -ap:MD5 -pp:DES -pw:1234asdf -os:.22.214.171.124.4.1.34126.96.36.199.188.8.131.52 -op:.184.108.40.206.4.1.34220.127.116.11.18.104.22.168
OID=.22.214.171.124.4.1.34126.96.36.199.188.8.131.52, Type=Integer, Value=11
Here -aw and -pw are auth and privacy passwords, which were pre-defined in step 2 while generating localized key. In this test if the configuration is successful, this will return CPU utilization via OID .184.108.40.206.4.1.34220.127.116.11.18.104.22.168 over SNMPv3 using localization key.