| Description | This article describes about details regarding the use of SNMPv3 with AES 256 encryption algorithm on some Cisco devices. AES256C is a Cisco specific implementation of AES256. |
| Scope | FortiMonitor. |
| Solution |
Cisco has implemented a new encryption algorithm called AES256C which can be used instead of AES256 on FortiMonitor.
To use it: 1) Connect to the FortiMonitor Control Panel account. 2) Go to Settings - > SNMP Credentials - > Add SNMP Credential. 30 Choose SNMP version 3 then AES256C on the SNMPv3 Encryption Algorithm drop down list.
3) It is then, possible to complete the rest of the required information then create the credentials and start using it.
It is also possible to test the AES256C in the command line from the onsight to ensure that it's working before carrying out the control panel configuration.
To achieve that: 1) Connect to the onsight in SSH. 2) Connect to the onsight container.
# onsight shell
3) Run snmpwalk v3 command line with the following option -x AES-256-C. Example of complete command line:
snmpwalk -v3 -l authPriv -u <username> -a <SHA|MD5> -A <authphrase> -x AES-256-C -X <Privaohrase> <device IP addresse:port> <oid> |
