Alcatel Unleashed

The #1 Worldwide board for technical support on Alcatel-Lucent Voice & Data gear.
https://alcatelunleashed.com/

Need to configure authentication-order via SNMP / pushing config via SNMP

https://alcatelunleashed.com/viewtopic.php?t=26512

Page 1 of 1

Need to configure authentication-order via SNMP / pushing config via SNMP

Posted: 26 Aug 2016 21:57
by netnem
I need to run the following command via SNMP:

configure system security password authentication-order tacplus local

Does anyone have the OIDs to get this accomplished? I can do it on Cisco devices using a TFTP server, but I can't quite figure out how to do it on 7750's.

I was able to find the following for copying running to startup config -- which might work if i copied startup config to running config, but I can't find documentation on the integer values.

Copy Run Start:
snmpset -v2c -c <community> <ip address> \
1.3.6.1.4.1.89.87.2.1.7.111 i 2 \
1.3.6.1.4.1.89.87.2.1.8.111 i 1 \
1.3.6.1.4.1.89.87.2.1.12.111 i 3 \
1.3.6.1.4.1.89.87.2.1.17.111 i 4

Any ideas on how to get this accomplished?

Re: Need to configure authentication-order via SNMP / pushing config via SNMP

Posted: 28 Aug 2016 16:17
by vasudha202
I think the OIDs you need are:

1.3.6.1.4.1.6527.3.1.2.22.5.7 tmnxPasswordAuthenOrder1
1.3.6.1.4.1.6527.3.1.2.22.5.8 tmnxPasswordAuthenOrder2
1.3.6.1.4.1.6527.3.1.2.22.5.9 tmnxPasswordAuthenOrder3

I haven't actually done this before, but the way it's supposed to work is, the PasswordAuthenOrder1 OID sets the first preferred method, PasswordAuthenOrder2 sets the next preferred method and so on.
The values are 0 for none, 1 for local, 2 for radius and 3 for tacplus.
So you would probably have to set 1.3.6.1.4.1.6527.3.1.2.22.5.7 to a value of 3 for tacplus and 1.3.6.1.4.1.6527.3.1.2.22.5.8 to a value of 1 to fallback to local.
I am not a 100% sure what index you use in this case (maybe 1?) but an SNMP tool could probably take care of that for you, or someone else on here might be able to clarify what index to use.

Hope that was some help

Re: Need to configure authentication-order via SNMP / pushing config via SNMP

Posted: 28 Aug 2016 23:59
by netnem
I was able to get this to work with the following:

snmpset -v 2c -c [RW_COMMUNITY] [IP_ADDRESS] TIMETRA-SECURITY-MIB::tmnxPasswordAuthenOrder1.0 i 1
snmpset -v 2c -c [RW_COMMUNITY] [IP_ADDRESS] TIMETRA-SECURITY-MIB::tmnxPasswordAuthenOrder2.0 i 3

I eventually found this directory that listed out a bunch of TiMOS mibs, in which TIMETRA are the ALU specific ones which was incredibly helpful:

ftp://109.74.90.32/ALCATEL/7750/7x50-Ti ... lash/MIBs/

Hopefully someone else will find this useful.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited