Saturday, March 2, 2019

VMware ESXI SNMPv3 CLI Configuration - Fast Guide

 Hello everybody, because of importance of ESXi host monitoring in virtual environment (or SDDC) management, today i want to demonstrate a fast guide for ESXi SNMP version3 configuration by ESXCLI. (Remember it will be done only by CLI not GUI) SNMP protocol v1 & v2 are not secured, because they do not support encryption and work only with a clear-text community string, while it's a security compromise to never use them anyway. I had given a promise in this post on security recommendation series to write a specific post about how to configure SNMPv3 on ESXi, so let me begin and don't waste the time anymore:


# esxcli system snmp get                        "Show the current ESXi SNMP config"
# esxcli system snmp set -r                     "Reset to default setting"
# esxcli system snmp set -e 1                 "Enable SNMP"
# esxcli system snmp set -a SHA1           "Select SHA1 Protocol"
# esxcli system snmp set -x AES128       "Select AES128 Encryption"
# esxcli system snmp set -E  Eng_ID       "Set System Engine ID"
# esxcli system snmp hash -A Auth_str  -X Priv_Str  -r 

It will generate intended hash strings, then select & copy both of them to use in the next command:
# esxcli system snmp set -R Mon_User/SHA1/hash1/AES128/hash2/Eng_ID

Also you can change some default settings, such as port and log level:
# esxcli system snmp set -p 161                            "Set SNMP Port"
# esxcli system snmp set -l warning                       "Define Log Level"

And some optional settings are included of: 
# esxcli system snmp set -C Asset_Manager           "Set Contact Information"
# esxcli system snmp set -L  Node_Location           "Set Asset Location Info"
 








Now let's check its configuration once more again:

# esxcli system snmp get

So last setting is something like this picture.
I hope it will be helpful guide for you guys, for more information please refer to VMware Links about SNMP Configuration:

No comments:

Post a Comment

I will start a new journey soon ...