We manage several 1000 switches. These are standard configured with a snmp community string that contains @ characters.
Now it seems that - starting with a certain IOS release - these community strings do not work anymore!
After changing the @ character to another 'normal' character we get snmp access again. :(
Is this issue somewhere documented?
Is there a workaround for this issue?
since our management systems are all setup up for this standard string.
I don't know of any documentation that lists allowed characters, but after 10 years of experience, I would avoid '@' and ':'. The '@' for reasons already discussed, and the ':' because this is commonly used as a delimiter in many NMS applications.
That said, SNMP community strings are sent on the wire in clear text, and offer no real security. It would be better to avoid all special characters, and use ACLs on the devices to prevent unauthorized managers from using SNMP. If security is a real concern, consider going with SNMPv3.
No, there is no workaround for switches. The '@' is simply reserved by Cisco. And you really need community string indexing to be able to fully manage Cisco switches with SNMPv1/v2c.