How to add a second SNMP Security Name (Trap User) in RSA Authentication Manager 8.x
3 months ago
Originally Published: 2019-06-20
Article Number
000054987
Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x,

Issue
There is one Nagios SNMP monitoring station to receive SNMP traps in the deployment, but there is a request to have Qualys scans/SNMP credential scans use a separate Security Name or UserID
 
SNMP setup
 
This article provides steps of adding another SNMP user by editing the /etc/snmp/snmpd.conf on the Authentication Manager server since the user interface does not allow this.
Tasks

Before attempting this process, review the article entitled Does RSA support the installation of third party software or applications on the RSA Authentication Manager 8.X (virtual) appliances?  Each customer making this change needs to assess the risk/benefit of this 'unsupported' change to the AM appliance for their organization.

To complete this process you will need to:

  1. Stop the snmpd service.
  2. Duplicate the proxy line in /etc/snmp/snmpd.conf with the new user.
  3. Run the /usr/bin/net-snmp-config script to create the new user.
  4. Start the snmpd service.
Resolution
  1. Stop the snmpd service:
    1. Launch an SSH client, such as PuTTy.
    2. Login to the primary Authentication Manager server as rsaadmin and enter the operating system password.

Note that during Quick Setup another user name may have been selected. Use that user name to login.

  1. At the command line, run:
# sudo systemctl stop snmpd.service
For Authentication Manager version 8.4 or prior, run: 
# /etc/init.d/snmpd stop
 
  1. Using a text editor such as vi, duplicate the proxy line in /etc/snmp/snmpd.conf with the new user; for example, Qualysuser:
proxy -v 3 -u Qualysuser; -l authPriv -a MD5 -A AuthPWD1! -x DES -X PrivPWD1! 127.0.0.1:8002 .1.3.6.1.4.1.2197
  1. Run the /usr/bin/net-snmp-config script to create the new user
/usr/bin/net-snmp-config --create-snmpv3-user -ro -A support1! -X support1! -a MD5 -x DES Qualysuser
  1. Start snmpd service, run:
sudo systemctl start snmpd.service
For Authentication Manager version 8.4 or prior, run: 
# /etc/init.d/snmpd start

snmpd_stop

You can now snmp get or snmpwalk with two userIDs
snmp_walk_2nd_userID
Notes

Customers, AM Appliance Administrators need to assess the risk /benefit of making unsupported changes like this one to their AM Appliances. 

Refer to Does RSA support the installation of third party software or applications on the RSA Authentication Manager 8.X (virtual) appliances ?

https://community.rsa.com/s/article/a66589-Does-RSA-support-the-installation-of-third-party-monitoring-Agents-on-their-RSA-Authentication-Manager-8-X-virtual-appliances

Please note that the current supported version of RSA Authentication Manager changes over time. Refer to the Product Version Lifecycle page for more information on supported versions.

Related Articles

Trending Articles

Don't see what you're looking for?