Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  Upgrading SSG 550M to SNMPv3

    Posted 09-01-2008 04:42

    Hi All

     

    Need to upgrade the SSG 550M current ver 5.4.0r6.0.  to upgrade to version which supports SNMPv3. Kindlly suggest which version supports the same.

    Also i was going through the upgrade procedure have one more query regarding it the upgrade path suggest 5.4.0rx ----> 6.1.0rx.

    Does this require any specific version from 5.4 rel before i upgrade to 6.1.

     

    Kindly suggest.

    abhi


    #upgrade
    #SNMP
    #and


  • 2.  RE: Upgrading SSG 550M to SNMPv3
    Best Answer

    Posted 09-01-2008 04:50

    Hi,

     

    No current version of ScreenOS supports SNMP v3 there is only support for v1 & v2c. I have no idea if it will be supported in the future or not.

     

    Have a look at the following guide for the recommended upgrade path.

     

    http://www.juniper.net/techpubs/software/screenos/screenos6.1.0/upgrade_guide.pdf

     

    Regards

     

    Andy



  • 3.  RE: Upgrading SSG 550M to SNMPv3

    Posted 01-03-2011 22:37

    Dear friend

     

    please note 6.3 support SNMP V3.

     

     

    Waseem.ahsan@gmail.com



  • 4.  RE: Upgrading SSG 550M to SNMPv3

    Posted 09-23-2011 04:56

    Hi Guys,

     

    I am just pasting an example configuration for you guys. May be it helps

     

    Example: Configuring an SNMPv3 packet

    In this example, you (as the root admin) configure an SNMPv3 packet.

    WebUI

    1. Engine-ID

    NOTE: Local engine ID configuration is optional. A local-engine ID is to identify an

    SNMP entity. By default, the serial number of the device is assigned as the value of

    the local engine ID.

    Configuration > Report Settings > SNMPv3: Enter the following settings, then

    click Apply:

    Local-engine id: netscreen

    2. USM User

    Configuration > Report Settings > SNMPv3 > USM User > New User: Enter

    the following settings, then click OK:

    User Name: netscreen

    Authentication Type: (select)

    Authentication Password: netscreen

    Privacy Protocol: (select)

    Privacy Password: netscreen

    3. View

    Configuration > Report Settings > SNMPv3 > VACM > New View: Enter the

    following settings, then click OK:

    View Name: test-view

    Configuration > Report Settings > SNMPv3 >VACM > View Databse Edit:

    Enter the following settings, then click Add:

    Subtree OID: .1

    404 ■ Simple Network Management Protocol

    Concepts & Examples ScreenOS Reference Guide

    Subtree Mask: FF

    Type: (select)

    4. Access Group

    Configuration > Report Settings > SNMPv3 >VACM > New Access Group:

    Enter the following settings, then click OK:

    Group Name: test-grp

    Security Model: (select)

    Security Level: (select)

    Read View: (select)

    Write View: (select)

    Notification View: (select)

    5. Group Mapping

    Configuration > Report Settings > SNMPv3 > VACM > New Sec-to-group

    Mapping: Enter the following settings, then click OK:

    Security Model: (select)

    User Name: (select)

    Community: (read only)

    Group Name: (select)

    6. Community

    NOTE: The community name must be unique.

    Configuration > Report Settings > SNMPv3 > Community > New Community:

    Enter the following settings, then click OK:

    Community Name: public

    Tag: public

    7. Trap

    Configuration > Report Settings > SNMPv3 >Trap > New Filter: Enter the

    following settings, then click OK:

    Filter Name: test-filter

    Configuration > Report Settings > SNMPv3 > Trap > Filter Database Edit:

    Enter the following settings, then click Add:

    Subtree OID: .1

    Subtree Mask: FF

    Type: (select)

    8. Target Parameter

    Configuration > Report Settings > SNMPv3 > Trap > New Target Parameter:

    Enter the following settings, then click OK:

    Simple Network Management Protocol ■ 405

    Chapter 11: Monitoring Security Devices

    Target Parameter Name: test-param

    Filter Name: (select)

    Security Model: (select)

    Security Level: (select)

    User Name: (select)

    9. Target Address

    Configuration > Report Settings > SNMPv3 > Trap > New Target Address:

    Enter the following settings, then click OK:

    Target Name: test-target

    Target IPv4 Address/Netmask: 192.168.1.1/32

    Trap Port: 162

    Target Parameter: (select)

    Taglist: (select)

    CLI

    1. Engine ID

    set snmpv3 local-engine id netscreen

    2. USM User

    set snmpv3 user netscreen auth md5 auth-pass netscreen priv des priv-pass

    netscreen

    3. View

    set snmpv3 view name test-view

    set snmpv3 view test-view oid .1 mask FF type include

    4. Access Group

    set snmpv3 access group test-grp sec-model usm sec-level priv read test-view

    5. Group Mapping

    set snmpv3 group-mapping sec-model usm user netscreen group test-grp

    6. Community

    set snmpv3 community public tag public

    7. Trap

    set snmpv3 filter name test-filter

    set snmpv3 filter test-filter oid .1 mask FF type include

    8. Target Parameter

    set snmpv3 target-param test-param filter test-filter sec-model usm sec-level priv

    user netscreen

    406 ■ Simple Network Management Protocol

    Concepts & Examples ScreenOS Reference Guide

    9. Target Address

    set snmpv3 target test-target address 192.168.1.1/32 port 162 target-param

    test-param

     

    Thanks

    farhan



  • 5.  RE: Upgrading SSG 550M to SNMPv3

    Posted 09-26-2011 03:23

    Hi,

     

    You should upgrade the boot loader to release 1.0.7 first. The minimal 5.4-th ScreenOS release for a direct jump to the 6.3 is 5.4r8.