Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SNMP V3 AuthPriv configuration for NAC

Hi Guys,

I'm trying to configure SNMP V3 authpriv on a switch 2960 (12.2.53) to send mac notifications to a NAC Access Manager. But when "priv" is enabled on NAM, and a host is connected to a controlled OOB port, NAM does not change the port vlan to the configured authentication vlan as expected.

If I configure just the authentication on NAM, leaving PRIV as "No Priv"   everything works fine.

Any idea ?

Best Regards

Switch SNMP Config:

snmp-server community c2950_read RO

snmp-server view v1default iso included

snmp-server enable traps mac-notification

snmp-server enable traps snmp linkup linkdown

mac address-table aging-time 3600

snmp-server user cam_user cam_group v3 auth sha cam_auth priv des cam_priv

snmp-server host 1.1.1.1 traps version 3 auth cam_user udp-port 162 mac-notification snmp

snmp-server group cam_group v3 auth read v1default write v1default notify v1default

NAM Snmp Profile

Security Method (Auth/Priv)

User Name 

User Auth 

User Priv     

4 REPLIES
Cisco Employee

Re: SNMP V3 AuthPriv configuration for NAC

Hi,

What is the CCA version you are running?

Worth to check if you are hittingDDTS CSCsv84296: "SNMPv3 traps from switch, is not interpreted by CAM if authpriv is used".

HTH,
Tiago

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

New Member

Re: SNMP V3 AuthPriv configuration for NAC

Hi Tiago,

Thanks for your answer. I'm running CAM 4.8.0.  On release notes for  CAM 4.5 and 4.7, the bug  CSCsv84296 is listed as corrected, but I think that the same problem could be hapenning on CAM 4.8.  I'll try to find more information. Thanks a lot for now.

Re: SNMP V3 AuthPriv configuration for NAC

It could be an IOS problem.

We're using NAC 4.8 and 3560 switches with IOS 12.2.50(SE5). We've configured SNMPv3 with SHA and 3DES without problems. Maybe you should try with that IOS version

New Member

Re: SNMP V3 AuthPriv configuration for NAC

Hi Eduardo,

Could you please post the SNMP configuration you are using on the switch ?

I'm goingo to download the ios version you are using to test.

Best regards.

1040
Views
8
Helpful
4
Replies
CreatePlease login to create content