...
Code Block |
---|
/usr/local/nmis9/bin/admin/testtests.pl act=snmp node=NODENAME |
...
Vendor / Operating System | SHA | AES | NMIS Considerations |
---|---|---|---|
Cisco IOS | SHA1 | AES256 | aes256c needs to be configured as the entry.configuration.privprotocol value in NMISvalue |
SHA1 | AES192 | aes192c needs to be configured as the entry.configuration.privprotocol value in NMIS | |
SHA1 | AES128 | ||
Cisco NX-OS | SHA1 | AES128 | |
SHA256 | AES128 | ||
Fortinet | SHA1 | AES | |
SHA224 | AES256 Cisco | sha224 needs to be configured as the entry.configuration.authprotocol value in NMIS value AND aes256c needs to be configured as the entry.configuration.privprotocol value in NMISvalue | |
SHA256 | AES256 Cisco | sha256 needs to be configured as the entry.configuration.authprotocol value in NMIS value AND aes256c needs to be configured as the entry.configuration.privprotocol value in NMISvalue | |
SHA384 | AES256 Cisco | sha384 needs to be configured as the entry.configuration.authprotocol value in NMIS value AND aes256c needs to be configured as the entry.configuration.privprotocol value in NMISvalue | |
SHA512 | AES256 Cisco | sha512 needs to be configured as the entry.configuration.authprotocol value in NMIS value AND aes256c needs to be configured as the entry.configuration.privprotocol value in NMISvalue | |
Palo Alto | SHA1 | AES128 | |
SHA224 | AES128 | ||
SHA256 | AES128 | ||
SHA384 | AES128 | ||
SHA224 | AES192 | aes192c needs aes192c needs to be configured as the entry.configuration.privprotocol value in NMIS | |
SHA256 | AES192 | aes192c needs aes192c needs to be configured as the entry.configuration.privprotocol value in NMISvalue | |
SHA256 | AES256 | aes256c needs to be configured as the entry.configuration.privprotocol value in NMIS | |
SHA384 | AES192 | aes192c needs to be configured as the entry.configuration.privprotocol value in NMIS | |
SHA384 | AES256 | aes256c needs aes256c needs to be configured as the entry.configuration.privprotocol value in NMISvalue | |
NET-SNMP (Tested on v5.8 with Ubuntu 20.04) | SHA512 | AES128 | sha512 needs to be configured as the entry.configuration.authprotocol value |
You may notice that when configuring SNMPv3 on a (for example) Cisco IOS device that there is not an explicit AES192C/AES256C in the command, rather it is needed to be defined as AES 192 and/or AES 256.
...