21.8.1 Configuring NNMi to authenticate SNMPv3 traps for nodes that are either managed by using SNMPv2 or SNMPv1 or that are not discovered

Follow the steps in this section if NNMi is receiving SNMPv3 traps from nodes that meet either of the following criteria:

• The device is managed using SNMPv2 or SNMPv1.

• The device is not discovered by NNMi.

You can configure NNMi to add SNMPv3 engine IDs for these devices into the SNMPv3 cache.

By configuring NNMi this way, NNMi can authenticate and store these SNMPv3 traps.

To configure NNMi to receive and store SNMPv3 traps for nodes that are managed using SNMPv2 or SNMPv1 or that are not discovered:

1. In the NNMi console, navigate to Configuration > Communication Settings.

   Configure the default, regions, or specific node settings level such that each inbound trap will have a corresponding configuration to use to authenticate the trap. For details, see Configure Default SNMPv3 Settings in NNMi Help.

   Note

   It is a good practice to use a region with included address ranges for your SNMPv3 nodes or configure a Specific Node Setting for each.

2. On the NNMi console, navigate to Configuration > Incidents > Incident Configuration.

3. Deselect Discard Unresolved SNMP Traps and Syslog Messages.

   Once you have deselected Discard Unresolved SNMP Traps and Syslog Messages, NNMi will retain traps sent from nodes that it has not discovered.

4. Run the ovstop command on the NNMi management server.

5. Edit the following file:

   • Windows: %NNM_PROPS%\nms-communication.properties

   • Linux: $NNM_PROPS/nms-communication.properties

6. Add the following line to the end of the file:

   com.hp.nnm.snmp.engineid.file=file-pathfile.txt

   The file-pathfile.txt entry is the full path and file name of the file that contains the devices.

   With these configuration changes, NNMi will read the entries from this file into the SNMPv3 cache each time you restart the NNMi processes.

   Important

   On a Linux NNMi management server, the file path will be in the usual format, such as /var/opt/OV/etc.

   On Windows NNMi management servers, use forward slashes for separators. For example, specify a file such as C:/temp/file.txt.

7. Save your changes.

8. Edit the file-pathfile.txt file.

   a. Add IP addresses for the device, port, and engine ID, separating them with the comma.

   b. Make the entry for each device on a separate line.

   An engine ID is a series of hexadecimal bytes. NNMi ignores the character case but recognizes spaces.

   Use the following examples as templates for creating your entries:

   16.1.2.3,161,80 00 00 09 30 00 00 1f e9 a3 33 01
   16.1.2.4,161,80 00 00 11 03 00 00 2d 51 99 30 00
   1050:0000:0000:0000:0005:0600:300c:326b, 161, 800000090300001f9ea33000
   ff06::c3,161,80 00 00 09 03 00 00 1f 9A A3 30 00

   a. Run the ovstart command on the NNMi management server to start NNMi and read the file-pathfile.txt file.

   b. Check the Boot.log file to verify that NNMi read the file.

   Verify that the file contains log messages similar to the following indicating that the file was read:

   2012-10-17 14:44:44.876 INFO [NnmTrapService]Start: Populate engineIDs from file
   2012-10-17 14:45:08.017 INFO [SnmpV3EngineIdCachePopulator]Successfully loaded 3 V3
   Engine IDs from file /temp/patch2/v3hosts.txt

   If there was a failure mapping a node to a valid configuration, you will see a message similar to the following:

   2012-10-17 14:45:03.485 WARNING [SnmpV3EngineIdCachePopulator]V3
   Engine IDs: Could not resolve SNMPv3 configuration for 16.1.2.6

   If you see a message similar to this, adjust the Configuration > Communication Configuration settings for the affected node.

   Note

   If you need to remove an entry from the cache as well as from the file-pathfile.txt file, it is best to remove the entry from the file-pathfile.txt, and then restart NNMi by running the following commands:

   ovstop

   ovstart

To Page Top