configuring proxy table, params table for proxy forwarding

Ram Krishnaswamy RKrishnaswamy____pathfire.com
Tue May 14 15:35:07 CEST 2002 

Hello,

I had asked the following question to the SNMPv3 mailing list but it seems
like it is more of an implementation issue of how proxy forwarder is
implemented. Please advise.

We have a number of third party SNMP agents implemented in SNMPv1. We are
planning to use a agent++ developed agent supporting v3 and make use of the
proxy forwarder application to reach these SNMP v1 agents. We need v3 for
authentication and security too. The problem we are facing is how different
users can be setup so that they can be categorized into groups and given the
right level of access instead of creating proxy table entries,
targetParamTable entries & targetAddrTable entries for each user. It is not
a big problem but we feel there might be a better way that avoids too many
entries in proxy and params table if we can somehow group users with same
priviledges to access these proxies. Any ideas?

For example, let us say we have one SNMPv1 snmp agent (call it msX) that we
want to use proxy forwarder for. The relevant table entry for User A to
access this SNMP agent with read priviledges are given below. This is for
one user. Do we have to define for each user similar entries in each of
these tables or can we specify a group of users. In the books we have read
so far, the TargetParamsSecurityName is defined as "the Principal on whose
behalf SNMP messages will be generated". Can the "Principal" be a group and
if so how to define that group that have users who have access to proxy snmp
agents? The proxy forwarder code tries to match a security name with the one
in the request. 

Thanks for your help.

Proxy table: 
-----------------
Name = msXread
Type = read(1)
ContextEngineID = ms_public
ContextName =
TargetParamsIn = defaultV3Request
SingleTargetOut = dell_read
MultipleTargetOut =
StorageType = nonVolatile(3)
RowStatus  = active(1)

Target Address Table:
-------------------------------

AddrName = dell_read
AddrTDomain = snmpUDPDomain
AddrTAddress = 10.10.13.28/10161
AddrTimeout = 1500
AddrRetryCount = 3
AddrTagList = v1request
AddrParams  = dellV1RequestRead
AddrStorageType = nonVolative(3)
AddrRowStatus  = active(1)

TargetParamsTable:
-----------------------------

ParamsName = defaultV3Request
ParamsMPModel = 3
ParamsSecurityModel = 3
ParamsSecurityName = Superuser
ParamsSecurityLevel = dellV1RequestRead 
ParamsStorageType = nonVolatile(3)
ParamsRowStatus  = active(1)

Ram Krishnaswamy
x1601

More information about the AGENTPP mailing list