ScreenOS Firewalls (NOT SRX)
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
vyaaghrah
Visitor
vyaaghrah
Posts: 3
Registered: ‎05-06-2008
0
Accepted Solution

Upgrading SSG 550M to SNMPv3

Options

‎09-01-2008 04:41 AM

Hi All

 

Need to upgrade the SSG 550M current ver 5.4.0r6.0.  to upgrade to version which supports SNMPv3. Kindlly suggest which version supports the same.

Also i was going through the upgrade procedure have one more query regarding it the upgrade path suggest 5.4.0rx ----> 6.1.0rx.

Does this require any specific version from 5.4 rel before i upgrade to 6.1.

 

Kindly suggest.

abhi

Message 1 of 5 (8,224 Views)
 
Reply
Trusted Expert
Trusted Expert
AndyC
Posts: 441
Registered: ‎07-08-2008
0

Re: Upgrading SSG 550M to SNMPv3

Options

‎09-01-2008 04:50 AM

Hi,

 

No current version of ScreenOS supports SNMP v3 there is only support for v1 & v2c. I have no idea if it will be supported in the future or not.

 

Have a look at the following guide for the recommended upgrade path.

 

http://www.juniper.net/techpubs/software/screenos/screenos6.1.0/upgrade_guide.pdf

 

Regards

 

Andy

JNCIS-FWV
JNCIA-WX
JNCIA-SSL
JNCIA-ER
Message 2 of 5 (8,223 Views)
 
Reply
Sohail
Visitor
Sohail
Posts: 6
Registered: ‎03-08-2008
0

Re: Upgrading SSG 550M to SNMPv3

Options

‎01-03-2011 10:37 PM

Dear friend

 

please note 6.3 support SNMP V3.

 

 

Waseem.ahsan@gmail.com

Message 3 of 5 (2,565 Views)
 
Reply
Farhan Ali
Contributor
Farhan Ali
Posts: 11
Registered: ‎09-23-2011
0

Re: Upgrading SSG 550M to SNMPv3

Options

‎09-23-2011 04:56 AM

Hi Guys,

 

I am just pasting an example configuration for you guys. May be it helps

 

Example: Configuring an SNMPv3 packet

In this example, you (as the root admin) configure an SNMPv3 packet.

WebUI

1. Engine-ID

NOTE: Local engine ID configuration is optional. A local-engine ID is to identify an

SNMP entity. By default, the serial number of the device is assigned as the value of

the local engine ID.

Configuration > Report Settings > SNMPv3: Enter the following settings, then

click Apply:

Local-engine id: netscreen

2. USM User

Configuration > Report Settings > SNMPv3 > USM User > New User: Enter

the following settings, then click OK:

User Name: netscreen

Authentication Type: (select)

Authentication Password: netscreen

Privacy Protocol: (select)

Privacy Password: netscreen

3. View

Configuration > Report Settings > SNMPv3 > VACM > New View: Enter the

following settings, then click OK:

View Name: test-view

Configuration > Report Settings > SNMPv3 >VACM > View Databse Edit:

Enter the following settings, then click Add:

Subtree OID: .1

404 ■ Simple Network Management Protocol

Concepts & Examples ScreenOS Reference Guide

Subtree Mask: FF

Type: (select)

4. Access Group

Configuration > Report Settings > SNMPv3 >VACM > New Access Group:

Enter the following settings, then click OK:

Group Name: test-grp

Security Model: (select)

Security Level: (select)

Read View: (select)

Write View: (select)

Notification View: (select)

5. Group Mapping

Configuration > Report Settings > SNMPv3 > VACM > New Sec-to-group

Mapping: Enter the following settings, then click OK:

Security Model: (select)

User Name: (select)

Community: (read only)

Group Name: (select)

6. Community

NOTE: The community name must be unique.

Configuration > Report Settings > SNMPv3 > Community > New Community:

Enter the following settings, then click OK:

Community Name: public

Tag: public

7. Trap

Configuration > Report Settings > SNMPv3 >Trap > New Filter: Enter the

following settings, then click OK:

Filter Name: test-filter

Configuration > Report Settings > SNMPv3 > Trap > Filter Database Edit:

Enter the following settings, then click Add:

Subtree OID: .1

Subtree Mask: FF

Type: (select)

8. Target Parameter

Configuration > Report Settings > SNMPv3 > Trap > New Target Parameter:

Enter the following settings, then click OK:

Simple Network Management Protocol ■ 405

Chapter 11: Monitoring Security Devices

Target Parameter Name: test-param

Filter Name: (select)

Security Model: (select)

Security Level: (select)

User Name: (select)

9. Target Address

Configuration > Report Settings > SNMPv3 > Trap > New Target Address:

Enter the following settings, then click OK:

Target Name: test-target

Target IPv4 Address/Netmask: 192.168.1.1/32

Trap Port: 162

Target Parameter: (select)

Taglist: (select)

CLI

1. Engine ID

set snmpv3 local-engine id netscreen

2. USM User

set snmpv3 user netscreen auth md5 auth-pass netscreen priv des priv-pass

netscreen

3. View

set snmpv3 view name test-view

set snmpv3 view test-view oid .1 mask FF type include

4. Access Group

set snmpv3 access group test-grp sec-model usm sec-level priv read test-view

5. Group Mapping

set snmpv3 group-mapping sec-model usm user netscreen group test-grp

6. Community

set snmpv3 community public tag public

7. Trap

set snmpv3 filter name test-filter

set snmpv3 filter test-filter oid .1 mask FF type include

8. Target Parameter

set snmpv3 target-param test-param filter test-filter sec-model usm sec-level priv

user netscreen

406 ■ Simple Network Management Protocol

Concepts & Examples ScreenOS Reference Guide

9. Target Address

set snmpv3 target test-target address 192.168.1.1/32 port 162 target-param

test-param



 

Thanks

farhan

Message 4 of 5 (1,035 Views)
 
Reply
Distinguished Expert
Distinguished Expert
echidov
Posts: 846
Registered: ‎11-02-2009
0

Re: Upgrading SSG 550M to SNMPv3

Options

‎09-26-2011 03:23 AM

Hi,

 

You should upgrade the boot loader to release 1.0.7 first. The minimal 5.4-th ScreenOS release for a direct jump to the 6.3 is 5.4r8.

Kind regards,
Edouard
Message 5 of 5 (1,014 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.