11-19-2008 03:06 PM
Hi all,
I am testing against an MDS 9124 at 3.2(3a), and have not been able to communicate to the switch using SNMP v3 noAuthNoPriv. I have configured an SNMP user with noAuthNoPriv as a member of the network-admin group, using the following command:
snmp-server user test_1 network-admin
All attempts to query the switch with this user result in an authorization failure.
Any ideas on what I am missing in the configuration?
Thank you!
--andrea
11-20-2008 03:14 AM
Andrea,
The MDS has 2 logins types that should automatically sync with each other. If you create a CLI user (for telnet and SSH), that same user should be generated for SNMP V3 access (Fabric and Device Manager). If you want to generate an SNMP user called test_1 and provide network-admin role, the command is something like this. (I don't have access to MDS at the moment due to a lab move so I can not confirm the exact command.)
snmp-server user test_1
You need to provide the password, and specify that role is network-admin. As you enter the command, you can use the ? to see what the next possible parameter might be. IE: 'snmp-server user test_1 ?' should show you that the next entry might be the password.
Once entered, if you enter the command 'show snmp users' you should see test_1 appear like the admin user and both should show network-admin.
Also as a result of the snmp-server user being created, a CLI user should be created with the same password and role. This is seen with the 'show user-account' display command.
Hope this helps,
Mike
11-20-2008 09:58 AM
Hi Mike,
Thank you so much for your reply!
I have found that if I want to create a user with noAuthNoPriv SNMP V3 access, I cannot give the user a password. If I give the user a password, then it automatically gives the user the authPriv level. Using the 'show snmp user' command this shows up as:
User Auth Priv(enforce) Groups
------ ---- ------------- ------
test_1 md5 des(no) network-admin
What I would like is a user with setting:
test_1 no no network-admin
I know this is probably not the normal usage of SNMP V3, but this is a test case I must cover since it is available in SNMP V3.
--andrea
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide