4948 SNMP walk fails

Unanswered Question
Aug 17th, 2009
User Badges:


I am not able add 4948 switch to NMS.

It fails when we run snmpwalk.

Checked the snmp community string, routing between switch and NMS all looks fine

here is the snoop output on switch port whilst we run snmpwalk from NMS.

14:45:48.333707 NMS.59689 > switch.snmp: C=XXXXX GetNextRequest(26) system (DF)

14:45:48.334215 SWITCH > NMS: icmp: SWITCH udp port snmp unreachable [tos 0xc0]

14:46:00.677091 NMS > SWITCH: icmp: echo request (DF)

14:46:00.679718 SWITCH > NMS: icmp: echo reply (DF)

With same set of config it's working on other devices.

Strangely enough I'm facing this issue only with this switch

Can anyone help?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Lucien Avramov Mon, 08/17/2009 - 06:15
User Badges:
  • Red, 2250 points or more

Download net-snmp and try to snmpwalk your switch from it, you will see if that works or not.


I suspect either a misconfiguration of your switch: ACL blocking udp 161, incomplete snmp configuration or, a firewall blocking udp 161 between your pc to switch or a problem with your NMS software, which net-snmp will clear the doubt for.

Also you need not to be in asymetrical routing the incoming snmp traffic to the switch should be using the same interface as the outgoing snmp traffic from the switch to the PC.

rajeshk200_2 Mon, 08/17/2009 - 06:56
User Badges:

Hi there

I do not have any TCP specific access-list configured.

Only IP based access-list which allows NMS IP.

I'm sure snmp packets hitting the Switch as I've packet capture via SPAN.

SNMP string configured for Read only access.

It has got only one IP interface that rules out asymmetric routing.

I'm not sure why It's behaving funny.

Lucien Avramov Mon, 08/17/2009 - 07:52
User Badges:
  • Red, 2250 points or more

snmp is on the UDP port not TCP.

do a debug snmp packet on the switch and you will see if snmp is hitting the switch at all.

If it is, post here your outputs of this debug.

rajeshk200_2 Mon, 08/17/2009 - 15:39
User Badges:

i do not see any packet while debugging snmp packet on the switch

I can ping snmp server, I think that rules out routing issue

I did get firewall log that passes traffic

I've no other obvious reason to check

What I'm missing here.



Lucien Avramov Mon, 08/17/2009 - 16:01
User Badges:
  • Red, 2250 points or more

1.can you post your show-tech?

2. can you post a packet capture from the computer that is running snmp software?

either snmp is not configured on the switch, either it's blocked in between

BTW, do you have term monitor on and logging console? Else you wont see the debug output from a telnet window.

rajeshk200_2 Tue, 08/18/2009 - 02:11
User Badges:

I removed the complete string and applied again, but that hasn't resolved the issue.

I had to just apply 'no snmp-server'

then I applied the snmp string , I was puzzled that resolved the issue.

It's annoying to find out windows type remedy on Cisco switches.

Any have thanks very much for your assistance on this.

Lucien Avramov Tue, 08/18/2009 - 07:01
User Badges:
  • Red, 2250 points or more

Ok so FYI, if this happens, this is 90% of the case due to a high cpu that the switch experienced. Usually SNMP processes are shutdown if there is a high cpu and sometimes IOS is not able to restart it right, removing and re-adding the snmp-server command fixes it.

Please monitor this. If it happens again, get the show proc cpu history and also log your syslog messages to see if anything else happened and we will investigate it.

I guess this post can be marked resolved


This Discussion