08-17-2009 05:56 AM - edited 03-06-2019 07:16 AM
Dude
I am not able add 4948 switch to NMS.
It fails when we run snmpwalk.
Checked the snmp community string, routing between switch and NMS all looks fine
here is the snoop output on switch port whilst we run snmpwalk from NMS.
14:45:48.333707 NMS.59689 > switch.snmp: C=XXXXX GetNextRequest(26) system (DF)
14:45:48.334215 SWITCH > NMS: icmp: SWITCH udp port snmp unreachable [tos 0xc0]
14:46:00.677091 NMS > SWITCH: icmp: echo request (DF)
14:46:00.679718 SWITCH > NMS: icmp: echo reply (DF)
With same set of config it's working on other devices.
Strangely enough I'm facing this issue only with this switch
Can anyone help?
08-17-2009 06:15 AM
Download net-snmp and try to snmpwalk your switch from it, you will see if that works or not.
http://net-snmp.sourceforge.net/
I suspect either a misconfiguration of your switch: ACL blocking udp 161, incomplete snmp configuration or, a firewall blocking udp 161 between your pc to switch or a problem with your NMS software, which net-snmp will clear the doubt for.
Also you need not to be in asymetrical routing the incoming snmp traffic to the switch should be using the same interface as the outgoing snmp traffic from the switch to the PC.
08-17-2009 06:56 AM
Hi there
I do not have any TCP specific access-list configured.
Only IP based access-list which allows NMS IP.
I'm sure snmp packets hitting the Switch as I've packet capture via SPAN.
SNMP string configured for Read only access.
It has got only one IP interface that rules out asymmetric routing.
I'm not sure why It's behaving funny.
08-17-2009 07:52 AM
snmp is on the UDP port not TCP.
do a debug snmp packet on the switch and you will see if snmp is hitting the switch at all.
If it is, post here your outputs of this debug.
08-17-2009 03:39 PM
i do not see any packet while debugging snmp packet on the switch
I can ping snmp server, I think that rules out routing issue
I did get firewall log that passes traffic
I've no other obvious reason to check
What I'm missing here.
Cheers
Raj
08-17-2009 04:01 PM
1.can you post your show-tech?
2. can you post a packet capture from the computer that is running snmp software?
either snmp is not configured on the switch, either it's blocked in between
BTW, do you have term monitor on and logging console? Else you wont see the debug output from a telnet window.
08-18-2009 02:11 AM
I removed the complete string and applied again, but that hasn't resolved the issue.
I had to just apply 'no snmp-server'
then I applied the snmp string , I was puzzled that resolved the issue.
It's annoying to find out windows type remedy on Cisco switches.
Any have thanks very much for your assistance on this.
08-18-2009 07:01 AM
Ok so FYI, if this happens, this is 90% of the case due to a high cpu that the switch experienced. Usually SNMP processes are shutdown if there is a high cpu and sometimes IOS is not able to restart it right, removing and re-adding the snmp-server command fixes it.
Please monitor this. If it happens again, get the show proc cpu history and also log your syslog messages to see if anything else happened and we will investigate it.
I guess this post can be marked resolved
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: