pfsense - Enabling SNMPv3 Monitoring

pfSense is shipped with bsnmpd that does not have support to SNMPv3. We do no want our messages moving around without encryption and to enable SNMPv3 we need to install an extra package and add extra configuration as well.

1) Installing Net-SNMP

Navigate to System > Package Manager and install the below package.

2) SNMPv3 Configuration

Go to Services > SNMP (NET-SNMP) > General enable the service and bind it to an IP address and port.

In the host information tab set the General Information as desired and leave the rest as default.

Select the Users tab and click on the +Add button to create a new user.

Creating a user.

Our user will have read only rights.

Next step we will set the user authentication.

Click on the save button to add the user.

3) Enabling SNMPv3 Service

pfSense is shipped with bsnmpd as its default SNMP agent server and to have net-snmpd running we need to stop the default SNMP agent server.

And under Services > SNMP disable it.

4) Adding to LibreNMS

Under the SNMP settings of your device set as the picture below.

Conclusion

With the steps above we have succesfully configured our firewall to transmit SNMP messages with encryption and privacy. In the next article we will learn how to send our firewall's log to a syslog server.

Resources

Tutorial PFSense - SNMPv3 Configuration using Net-snmp [ Step by Step ]

Learn how to configure the Pfsense SNMPv3 feature using the Net-snmp package in 5 minutes, by following this simple step by step tutorial.

TechExpertVirtualCoin CISSP, PMP, CCNP, MCSE, LPIC2

NET-SNMP Package Now Available for pfSense 2.4 (SNMPv3, TLS, IPv6, and more)

A package for NET-SNMP is now available for pfSense 2.4 which controls the NET-SNMP project snmpd agent and snmptrapd application. The NET-SNMP daemon offers a number of advantages over the built-in bsnmpd, notably: SNMPv3 support * Proper authenticati...

Netgate Forumjimp