SNMPv3 Service Proxy Forwarder Application Tutorial
NuDesign’s SNMPv3 Agent Service for Windows (and Linux) supports SNMP Proxy Forwarder Application defined in rfc3413. Implementation and configuration of Proxy Forwarder Application provide for SNMPv3 Service to intercept and pass requests and replies to/from other SNMP Agents (proxied for), translating their communications and security parameters as required.
For example, the Proxy Agent can provide the outside SNMP management access to the insecure v1/v2 only Agents via secure SNMPv3 only requests, doing all required in/out translations on behalf of otherwise insecure SNMP entities.
Similarly, the Proxy Forwarder Application handles Responses, Internal-Class PDUs, such as SNMP Reports and Notifications from “proxied for” SNMP Agents.
The NuDesign SNMPv3 Service implements the SNMP-Proxy-MIB module and it accepts SNMP requests to other SNMP Agents, identified by specific ContextEngineID / ContextName pair values registered in the snmpProxyTable. Such requests are forwarded to proxied SNMP Agents using parameters pointed to by the columnar values of snmpProxy Table, snmpTargetAddress and snmpTargetParameters Tables.
Fig. 1 An example of architecture providing secure remote access to SNMPv1/v2c Agents via the use of Proxy Forwarder Application in NuDesign SNMPv3 Service
Please download our hands-on, Windows-based, SNMP Proxy Forwarder Application Demo Package that contains two sample SNMPv1/v2c Agents and review the Demo’s SNMP Proxy Forwarder Application Configuration Guide. Running the Demo requires pre-installation of SNMPv3 Service and MIBrowser Pro evals.
Ensure that the MIB SNMP-PROXY-MIB (rfc3413.mib) is loaded into the MIBrowser Pro. If it is, you should be able to see a node called, ‘(6) snmpV2’. Under that should be a node ‘(14) snmpProxyMIB’.
Once the SNMPv3 Service is configured as per Demo Guide, it will contain four rows in the “snmpProxyTable” that deal respectively with parameters of four distinct actions: read / write from / to the SNMPv1/v2c Agent and notification from the v1/v2c Agent that are to be forwarded to the SNMP Manager (BrowserPro) as Informs and / or Traps.
The Trap and Inform Proxy Table’s rows have tags associated with them. These tags point to respective entries into the “snmpTargetAddressTable” and into the “snmpTargetParamTable”. A similar logic applies to SNMP “read/write” functions.
The Proxy Forwarder Application configuration translates SNMPv1/v2c security and communication parameters of the v2c Agents into SNMPv3 security and communication parameters that are seen and acted upon by the MIBrowser Pro and vice-versa.
The Demo provides for step by step, a hands-on configuration of the SNMPv3 Service Proxy Tables and SNMP Manager (MIBrowser Pro Tables) to demonstrate these concepts.
Annual Support Contracts and Upgrades
The Annual Technical Support and Subscription Service Contract provides one year of product enhancement and maintenance updates plus access to our engineering team (please review the terms here). For more details please see our Purchase SNMPv3 Service page.