- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
HP Procurve and SNMPv3
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-20-2018 02:52 PM
Folks,
Has anyone been able to successfully script the enabling of SNMPv3 on HP Procurve switches? I'm running into trouble triggering commands on output from the CLI. Here is what the process looks like from the CLI:
hp-switch# conf t
hp-switch(config)# snmpv3 enable
SNMPv3 Initialization process.
Creating user 'initial'
Authentication Protocol: MD5
Enter authentication password: ******
Privacy protocol is DES
Enter privacy password: ******
User 'initial' has been created
Would you like to create a user that uses SHA? [y/n] n
User creation is done. SNMPv3 is now functional.
Would you like to restrict SNMPv1 and SNMPv2c messages to have read only
access (you can set this later by the command 'snmp restrict-access')? [y/n] n
hp-switch(config)#
Yes, it runs a mini-script while you are in config mode. So, I've got my triggers to look for the prompts which require some input, but all I've been able to achieve is the device timing out while it's waiting for the first input (Enter authentication password.
I'm assuming there is something wrong with my trigger-template, to explain why the trigger-command isn't running. Or is it possible that NetMRI doesn't realize that the device is waiting for some new input because of the non-standard prompt?
########################################################################### ## Export of Script: HP_SNMPv3 ## Script-Level: 1 ## Script-Category: ## Script-Language: CCS ########################################################################### Script: HP_SNMPv3 Script-Description: 'Enable and configure SNMPv3 on HP Procurve devices' Script-Filter: $Vendor eq "HP" Script-Variables: $authpass string "Authentication Password" $privpass string "Privacy Password" ######################################################################## Action: Enable snmpv3 on HP Procurve Switch Action-Commands: SET:$updatemade = "no" conf t snmpv3 enable Output-Triggers: Authentication Password ######################################################################## Trigger: Authentication Password Trigger-Template: Enter authentication password: Trigger-Commands: {$updatemade eq "no"} $authpass
Re: HP Procurve and SNMPv3
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2018 06:30 AM
Hi,
I believe the best approach for you is in the following section of the CCS scripting guide. Unde the "Script for Copying a File to a Device via SCP" section.
There is the option to use "Trigger-Prompt:" which will allow you to deal with each line as a separate prompt.
Re: HP Procurve and SNMPv3
[ Edited ]- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2018 08:50 AM - edited 11-21-2018 08:51 AM
Ingmar,
Thank you for the reply. I spent some time this morning solving the problem with a python script, as I found something close, and modified it to fit my needs. It's basic and can be improved, but it gets the job done for now.
from netmiko import ConnectHandler from datetime import datetime import time ip_addr01 = '10.10.10.10' hp1 = { 'device_type': 'hp_procurve', 'ip': ip_addr02, 'username': "username", 'password': "password", } all_devices = [hp1] start_time = datetime.now() print ("Start Time = {}".format(start_time)) for a_device in all_devices: net_connect = ConnectHandler(**a_device) print("----------------------------------------BEGIN {0}----------------------------------------".format(a_device['ip'])) print ("\n>>>>>>>>> Enabling SNMPv3 on - {0} <<<<<<<<<".format(a_device['ip'])) print ("\n>>>>>>>>> Entering config mode - {0} <<<<<<<<<".format(a_device['ip'])) snmpv31 = net_connect.config_mode() time.sleep(5) print ("\n>>>>>>>>> Begin SNMPv3 Script - {0} <<<<<<<<<".format(a_device['ip'])) snmpv31 = net_connect.send_command_timing("snmpv3 enable", strip_command=False, strip_prompt=False) time.sleep(10) print ("\n>>>>>>>>> Send Auth Pass - {0} <<<<<<<<<".format(a_device['ip'])) snmpv31 = net_connect.send_command_timing("123456", strip_command=False, strip_prompt=False) time.sleep(10) print ("\n>>>>>>>>> Send Priv Pass - {0} <<<<<<<<<".format(a_device['ip'])) snmpv31 = net_connect.send_command_timing("123456", strip_command=False, strip_prompt=False) time.sleep(10) print ("\n>>>>>>>>> Send First Nope - {0} <<<<<<<<<".format(a_device['ip'])) snmpv31 = net_connect.send_command_timing("n", strip_command=False, strip_prompt=False) time.sleep(10) print ("\n>>>>>>>>> Send Second Nope - {0} <<<<<<<<<".format(a_device['ip'])) snmpv31 = net_connect.send_command_timing("n", strip_command=False, strip_prompt=False) time.sleep(10) print ("\n>>>>>>>>> Send Proper SNMPv3 Commands - {0} <<<<<<<<<".format(a_device['ip'])) snmpv31 += net_connect.send_command("snmpv3 user testuser auth md5 md5pass priv aes privpass") snmpv31 += net_connect.send_command("snmpv3 group managerpriv user testuser sec-model ver3") snmpv31 += net_connect.send_command("no snmpv3 user initial") print ("\n>>>>>>>>> Exiting Config Mode - {0} <<<<<<<<<".format(a_device['ip'])) snmpv32 = net_connect.exit_config_mode() print ("\n>>>>>>>>> Writing to NVRAM - {0} <<<<<<<<<".format(a_device['ip'])) snmpv32 = net_connect.send_command("wr mem\r\r") print ("----------------------------------------END {0}----------------------------------------".format(a_device['ip'])) end_time = datetime.now() total_time = end_time - start_time print ("Total Time = {}".format(total_time))