02-27-2008 11:58 PM
We have been asked to migrate all devices to SNMP V3.
I tried to test this out on a 2811 router but it is failing. All i need is to allow my NMS (solarwinds) to poll using snmpv3
Here is my config
snmp-server user test test v3 auth md5 test priv des56 test
snmp-server group test v3 priv
IS there anything else i need to do to use snmp v3 for polling
Ambi
Solved! Go to Solution.
02-28-2008 12:05 AM
The SNMP USM spec says that passwords must be at least eight characters. So you should increase the length of your passwords (e.g. tester123). Also, you do not want to specify a context name in Solarwinds (i.e. leave this field blank). Contexts are not used for general polling. Other than that, this looks okay.
02-28-2008 12:05 AM
The SNMP USM spec says that passwords must be at least eight characters. So you should increase the length of your passwords (e.g. tester123). Also, you do not want to specify a context name in Solarwinds (i.e. leave this field blank). Contexts are not used for general polling. Other than that, this looks okay.
02-28-2008 12:35 AM
Thanks......that did the trick
However i have one more problem. eventhough i disabled snmp and renabled it, the old username still appears in sh snmp users
Is there any way i can get rid of these (ofcourse without a reload). since the sh runn config does not show the username it is difficult to identify the exact commands need to remove them
Ambi
02-28-2008 08:34 AM
no snmp-server user USER GROUP v3
03-13-2008 08:04 AM
Joe
I have run into another problem now with snmp v3
Solarwinds is able to poll/ identify interfacesetc but not showing any traffic statistics like utilization, errors etc..
Do we need any configuration with respect to MIBs as well
Ambi
03-13-2008 08:10 AM
There is nothing that needs to be done in IOS to enable this. Typically, the objects to poll for utilization are ifInOctets and ifOutOctets (along with ifSpeed). Faster interfaces will require ifHCInOctets and ifHCOutOctets and ifHighSpeed. All of these should be pollable with the SNMPv3 config you provided earlier.
03-17-2008 02:28 PM
I tried using whatups gold and it too had the same error. interface statistic stops as soon as you disable SNMP v1 or v2c
When polled for CPU, it throws an error stating that the remote device does nto support host resource MIB
Ambi
03-17-2008 03:06 PM
Our devices don't support the HOST-RESOURCE-MIB. We use the CISCO-PROCESS-MIB for CPU utilization. To figure out why the interface utilization is not working, you will need to provide a sniffer trace of the NMS polling the device.
03-20-2008 04:41 AM
Will check that and upload ..
Is there any good net monitoring tool which works properly with V3. i think with the problems i am facing its time to move to a new tool
Ambi
03-20-2008 09:24 AM
I use Cacti in my lab and at home for this kind of monitoring. It supports SNMPv3 authNoPriv and authPriv using net-snmp's stack. It works really well (http://www.cacti.net/).
03-22-2008 08:55 AM
I have been trying to setup cacti in windows for the past 2 days..
Polling seems to be ok but for some reason graphs are not shown
Are you using it under wondows or linux?
Any other tool that immediately comes to mind other than cacti ?
Ambi
03-22-2008 11:19 AM
I use it under FreeBSD. You might also give PRTG a try (http://www.paessler.com/prtg).
03-24-2008 02:02 PM
Many tools will not be able to handle SNMPv3 priv for SNMPv3 polling. I think that is why polling is ok in many of the instances in this conversation but not the display of the data.
03-24-2008 02:09 PM
The data returned by an SNMPv3 authPriv poll is the same returned by SNMPv3 authNoPriv and SNMPv2c. The only difference is encryption. If the encryption was broken, the device shouldn't be responding with any data at all (only report packets). That is why I requested a sniffer trace early on.
03-24-2008 02:34 PM
Agreed.
But there is SNMPv3 authPriv and Priv. The settings in the user example looks to me to be authPriv and Priv rather than AuthPriv and noPriv meaning the data is to be encrypted. Many SNMP managers will support SNMPv3 authpriv if you configure them correctly but only in noPriv mode ...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide