LMS3.2 snmpv3 Error performing SNMP operation

Unanswered Question
Jun 2nd, 2010

Hi,

i've the following problem. Check device credential verification job shows "Error performing SNMP operation" for a cisco 3750 configured with snmpv3.On the switch i can see that the lms can access the switch via snmpv3. Also cisco view works fine. Bug CSCsm89609 describe the problem but it should be fixed in RME 4.3. We are running 4.3.1.

Any ideas?

André


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Joe Clarke Wed, 06/02/2010 - 07:44

It would be helpful to see a packet capture of all udp/161 packets between the RME server and this switch when running a new Device Credential Verification job.

aeggers Wed, 06/02/2010 - 08:29

the traffic between the lms server and the switch is encrypted --> AuthPriv

andré

Joe Clarke Wed, 06/02/2010 - 08:39

Even with authPriv, the traffic can be decrypted provided the SNMPv3 username, auth password, priv password, auth hash, priv algo, and engineID are known.  I know this would be too sensitive to post, but if you can open a TAC service request and provide that information with the packet capture, it would greatly speed up the analysis of this problem.

Something else which might help is to enable "debug snmp packet" on the device, and run the Device Credential Verification job.  The debug output may shed some light on the underlying problem.

aeggers Thu, 06/03/2010 - 03:37

The issue only occur if i don't have configured a write vi

ew for the snmp group. With configured read view i get the  message: Error performing SNMP operation.

With configured write view the check credential job is successful.

Joe Clarke Thu, 06/03/2010 - 22:05

Yes, that is expected.  RME only has one username for SNMPv3, and it expects that username to support both read-only and read-write operations.

yucelbasoglu Fri, 06/04/2010 - 02:45

Hi,

if you share example switch snmp configuration and Device Credentials Settings (for SNMPv3) , i think we can help you.

Regards,

Juan Antonio De... Mon, 11/26/2012 - 08:07

Hello,

I have a similar problem. I have configured a snmp v3 user using SHA to authentication an DES for private access.

We use RME 5.0.1 and when we try to run a CDA it doesn`t work reporting "Error performing SNMP operation".

In the log of the CDA job, we can see:

[ lun nov 26  16:46:06 CET 2012 ],INFO ,[Thread-6],com.cisco.nm.rmeng.inventory.cda.job.DoCDAonDevice,updateCdaStatus,1784,Executing sqlStmt update DM_Credential_Error_Status set Cred_Status= 8 ,Cred_Status_Descr='Error performing SNMP operation.',Update_At='1353944766699' where NetworkElementID = 3685 and Cred_Type = 3

How can I use snmp v3 with RME 5.0.1?

Thanks.

Joe Clarke Mon, 11/26/2012 - 09:01

As was stated here, you need that user to support both read and write operations.  Your SNMPv3 config should therefore look something like:

snmp-server group v3group v3 priv write v1default

snmp-server user v3user v3group v3 auth SHA v3UserPass priv DES v3UserPass

Actions

This Discussion