...
This is by no means a comprehensive list of the products we support.
Vendor / Operating System | SHA | AES | NMIS Considerations |
---|---|---|---|
Cisco IOS | SHA1 |
AES256 | "aes256c" needs to be configured as the entry.configuration.privprotocol" value in NMIS |
SHA1 |
AES192 | "aes192c" needs to be configured as the entry.configuration.privprotocol" value in NMIS |
SHA1 | AES128 | |
Cisco NX- |
OS | SHA1 | AES128 | |
SHA256 | AES128 | ||
Fortinet | SHA256C | AES256C | "sha256" needs to be configured as the entry.configuration.authprotocol" value in NMIS AND "aes256c" needs to be configured as the entry.configuration.privprotocol" value in NMIS |
Palo Alto | SHA1 | AES128 | |
SHA224 | AES128 | ||
SHA256 | AES128 | ||
SHA384 | AES128 | ||
SHA224 | AES192 | "aes192c" needs to be configured as the entry.configuration.privprotocol" value in NMIS | |
SHA256 | AES192 | "aes192c" needs to be configured as the entry.configuration.privprotocol" value in NMIS | |
SHA256 | AES256 | "aes256c" needs to be configured as the entry.configuration.privprotocol" value in NMIS | |
SHA384 | AES192 | "aes192c" needs to be configured as the entry.configuration.privprotocol" value in NMIS | |
SHA384 | AES256 | "aes256c" needs to be configured as the entry.configuration.privprotocol" value in NMIS |
You may notice that when configuring SNMPv3 on a (for example) Cisco IOS device that there is not an explicit AES192C/AES256C in the command, rather it is needed to be defined as AES 192 and/or AES 256.
When configuring the device for NMIS, you will need to explicitly tell it to use AES192C/AES256C using node_admin.pl (example covered previously).
...