cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4276
Views
3
Helpful
5
Replies

SNMP v3 informs not working

wchengcisco
Level 1
Level 1

Hello all,

I'm trying to set up snmp v3 to send informs (not traps) to a NMS in the local network.  I've got the user, auth password, group, etc. set up, and I can query the switch from the NMS, but no informs would send even I've configured the switch to send vlan changes and general snmp (warm/cold start, link up/down, etc) to the NMS.  I'm running into a deadend and was wondering if anyone can see if there's anything missing in this config:

Config parameters (used for testing only):

-auth no private

-NMS IP 10.0.0.21

-informs enabled (no traps)

-user = userv3

-group = groupv3

-auth = md5-encrypted "authkeyv3"

-read/write/notify viewname = viewv3

snmp-server user userv3 groupv3 v3 auth md5 authkeyv3
snmp-server group groupv3 v3 auth read viewv3 write viewv3 notify viewv3
snmp-server host 10.0.0.21 inform version 3 auth userv3  vlancreate vlandelete config snmp

1382 SNMP packets input
    0 Bad SNMP version errors
    13 Unknown community name
    0 Illegal operation for community name supplied
    0 Encoding errors
    1380 Number of requested variables
    0 Number of altered variables
    1363 Get-request PDUs
    0 Get-next PDUs
    0 Set-request PDUs
1378 SNMP packets output
    0 Too big errors (Maximum packet size 1500)
    0 No such name errors
    0 Bad values errors
    0 General errors
    1276 Response PDUs
    9 Trap PDUs
SNMP global trap: disabled

SNMP logging: enabled
    Logging to 10.0.0.21.162, 0/10, 0 sent, 0 dropped.

SNMP Manager-role output packets
    0 Get-request PDUs
    0 Get-next PDUs
    0 Get-bulk PDUs
    0 Set-request PDUs
    0 Inform-request PDUs
    0 Timeouts
    0 Drops
SNMP Manager-role input packets
    0 Inform request PDUs
    0 Trap PDUs
    0 Response PDUs
    0 Responses with errors

SNMP informs: enabled
    Informs in flight 0/25 (current/max)
    Logging to 10.0.0.21.162
        0 sent, 0 in-flight, 0 retries, 0 failed, 0 dropped
SNMP agent enabled

Would I need to configure the remote engineID for this to work?

Thanks,

-Will

1 Accepted Solution

Accepted Solutions

That is correct.  The switch will send the inform with the NMS's engineID.  Therefore the switch needs to know the proper remote engineID.  See http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html#wp21645 and http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf014.html#wp1001347 .

View solution in original post

5 Replies 5

Joe Clarke
Cisco Employee
Cisco Employee

Yes.  With informs, it's the remote agent who is authoritative, so you will need to make the device aware of that agent's engineID.

Thanks Joseph.  I hope I'm understanding this correctly - Since the SWITCH is sending the informs to the NMS, the NMS is considered the "remote agent", thus its engineID (I'll need to figure out how to find it) will need to be configured in the SWITCH itself via snmp-server engineid remote [IP] [engineID]?

-Will

That is correct.  The switch will send the inform with the NMS's engineID.  Therefore the switch needs to know the proper remote engineID.  See http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html#wp21645 and http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf014.html#wp1001347 .

Is there an easy way to to discover the remote engine ID from a client?  As I understand it there is a mechanism in V3 that allows for auto-discovery during the 2-way handshake.

Simply do an SNMPv3 GET or GET-NEXT from your NMS.  That will trigger engineID discovery.  The NMS agent will return a REPORT PDU that contains its authoritative engineID.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: