cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6258
Views
0
Helpful
17
Replies

OID in SNMPv3

Ahmed Shahzad
Level 1
Level 1

I am configuring SNMPv3 using CiscoWorks, but I am confused which OID, Object Type will be configured for Cisco Switch 3750?

2 Accepted Solutions

Accepted Solutions

v1default is a built-in view that gives most of the required access you need. You are free to create your own view if you want.

View solution in original post

LMS is not a general purpose trap manager. Yes, DFM can process certain traps, but sending traps to LMS is still optional.

No, SNMPv3 has no integration with ACS at this time. You do not need to add the SNMPv3 user to ACS. All of the authentication and authorization is done locally on the device.

View solution in original post

17 Replies 17

Joe Clarke
Cisco Employee
Cisco Employee

I don't understand the question. Exactly what are you doing in CiscoWorks? SNMPv3 doesn't use any different OIDs. The only difference between SNMPv1/v2.c and v3 is that you need to specify a username, password, and hash algorithm in SNMPv3 where as in v1/v2c you specify SNMP communities.

Thanks for your response. I have found that in addition to UID, PWD, Hash Algo, it is also required to define OID. Plesae check attach image file.

Thanks and Regards,

This has nothing to do with configuring SNMPv3. This is simply using the SNMP Set interface. This tool should only be used for troubleshooting purposes, and has nothing to do with the function of LMS.

The OID in this interface is the OID to set. There are countless options for this, and it depends on what you're trying to do. The Object Type is the type of that OID (e.g. DISPLAY STRING, INTEGER, etc.).

So my original question remains: exactly what do you want to do?

Thanks for your quick reply.

I am trying to configure SNMPv3 on Catalyst and Routers, so that the communication channel between devices and LMS would be SNMPv3. I have found the following configuration guidelines from Cisco.com, which are:

To enable SNMPv3 on Cisco IOS devices, follow these steps:

=====

• Create a view

snmp-server view campus oid-tree included

• Set the security model

snmp-server group cmtest v3 auth read campus write campus access access-list

• Create a user and authentication protocol to be used

snmp-server user cmtester campus v3 auth md5 password

• Create a group and associate the user with it

snmp-server user cmtester cmtest v3

=== Last command is also not working. Also I want to know which OIDs I have to configure for Cisco LMS.

Thanks and Regards,

Last

This is fine. However, the SNMP Set tool you are trying to use has no bearing on whether or not LMS will use SNMPv3 to communicate with the device.

First, configure SNMPv3 on the device. The above is simply a guideline. Actually, all you need is an SNMPv3 group, and an SNMPv3 user. Creating a view and an access-list are optional steps. For example, the following two lines are all you really need:

snmp-server group v3group v3 auth write v1default

snmp-server user v3user v3group v3 auth md5 v3user123

Here, v3group is the SNMPv3 group name, v3user is the SNMPv3 username, the authentication algorithm is MD5, and the authentication password is v3user123. This config is for SNMPv3 authNoPriv, and will allow for both read and write access.

Once you have SNMPv3 configured on the device, add the device to DCR with the appropriate v3 credentials. This is done under Common Services > Device and Credentials > Device Management. Add all of the v3 credentials on the third screen of the Add Device interface. Once that is done, LMS will use SNMPv3 to manage this device.

Thank you very much for your detailed reply.

Can you just tell me that v1default, which is write view name, needs to be created first?

Thanks and Regards,

v1default is a built-in view that gives most of the required access you need. You are free to create your own view if you want.

Thank you very much for your support.

One more thing, can I have to configure snmp-server host command as well.

Thanks and Regards,

No, this is not required. You need to use snmp-server host only if you want the device to send traps to an SNMP trap manager.

I believe it is a good idea to use snmp-server host, so that device can send snmp traps to LMS in a proactive manner.

Secondly LMS is integrated with ACS, do we need to create the same account on ACS as well.

LMS is not a general purpose trap manager. Yes, DFM can process certain traps, but sending traps to LMS is still optional.

No, SNMPv3 has no integration with ACS at this time. You do not need to add the SNMPv3 user to ACS. All of the authentication and authorization is done locally on the device.

Thank you very much for your prompt support.

I am facing one more issue, for which I already have open a conversation, but I have not got a solution for it.

After login into CiscoWorks Assistant, whenever trying to access any other link like Add Device or Allocate Device, results in given below error:

===== Error Message =======

Status polling timed out for the last run task [Add Devices].

Step may be running in the backend.

Do you wish to stop status checking and continue with the selected task?

============

I have tried to restart the services, and even restart the machine as well, but still getting same error since last three days.

I already replied on that thread with instructions to fix the problem. Have you tried my suggestion?

LMS is installed on Windows 2003 Standard Ed, and I belive your instruction assumes that OS is not Win.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: