This is a tiny guide howto monitor your UniFi wireless accesspoint, in this case a Unifi U7 pro with SNMPv3 with AES-Encryption and SHA-Authentication using PRTG:
- Configure SNMP Monitoring in UniFis settings --> CyberSecure --> Traffic Logging --> SNMP Monitoring --> SNMPv3 --> set a unique username and unique long password
- UniFi will use SNMPv3 with Encryption Type AES-128 and Authentication Method SHA1. The selected password will be used for Authentication and Encryption.
- Create a device in PRTG and edit the device settings to:
%20%E2%80%94%20Mozilla%20Firefox.png)
- Add PRTG sensors like e.g. the SNMP traffic sensor to monitor the UniFi access points physical (e.g. eth0) and virtual ports VLAN ports (e.g. eth0.100 for VLAN ID 100):
%20_%20PRTG%20Network%20Monitor%20(WIN-OGVETD2S2UP)%20%E2%80%94%20Mozilla%20Fire.png)
%20%E2%80%94%20Mozilla%20Firefox.png)
%20_%20PRTG%20Network%20Monitor%20(WIN-OGVETD2S2UP)%20%E2%80%94%20Mozilla%20Fire.png)
Do not forget to set ACLs and network segmentation, so the SNMP and other management interfaces are only reachable from dedicated source ip-addresses. Also keep in mind, that in SNMPv3 AuthPriv the username is sent in plaintext over the network eventhough you chose with AuthPriv authentication and encryption, as shown in the following screenshot or mentioned in my article from 2018.
No comments:
Post a Comment