Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
382
Views
0
Helpful
4
Replies

snmpv3 failure

mulhollandm57
Level 1
Level 1

‎02-29-2024 07:35 AM

folks

i've moved from snmpv2 to snmpv3 and i'm no longer seeing any events on my snmp server

when i run a packet capture i can see my router sends a get-request to the snmp server

the snmp server, spectrum, then replies with a 'report' but i suspect with the wrong engineid - the router engine id ends in '4748'

can someone confirm if i'm correct or is there something else i'm missing

i've attached some wireshark screenshots

thanks to anyone taking the time to look at or respond to this - greatly appreciated

Labels:
Preview file
39 KB
Preview file
59 KB
0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎03-01-2024 01:08 AM - edited ‎03-01-2024 01:08 AM

what is the device model and what IOS code running on it.

post your SNMP configuration  ?

or use below template :

https://community.cisco.com/t5/networking-knowledge-base/configuration-template-for-snmpv3/ta-p/4666450

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

mulhollandm57
Level 1
Level 1

‎03-01-2024 02:08 AM

balaji.bandi

many thanks for your reply, it's greatly appreciated - I've pasted the sanitised config below

version 9.3(9) Bios:version 07.69
snmp-server source-interface traps mgmt0
snmp-server source-interface informs mgmt0
snmp-server globalEnforcePriv
snmp-server user SNMP-TEST13 network-operator auth sha 0x2275de2ece5555558594b47b52e54481daa6c81a priv aes-128 0x8812c5ad078f6555555bf405085e04a47b97cc88 localizedkey
snmp-server user SNMP-TEST13 use-ipv4acl ACL_SNMP_VTY
snmp-server host 10.63.132.100 informs version 3 priv SNMP-TEST13
snmp-server host 10.63.132.100 use-vrf management
rmon event 1 log trap public description FATAL(1) owner PMON@FATAL
rmon event 2 log trap public description CRITICAL(2) owner PMON@CRITICAL
rmon event 3 log trap public description ERROR(3) owner PMON@ERROR
rmon event 4 log trap public description WARNING(4) owner PMON@WARNING
rmon event 5 log trap public description INFORMATION(5) owner PMON@INFO
snmp-server enable traps ospf
snmp-server enable traps cfs state-change-notif
snmp-server enable traps cfs merge-failure
snmp-server enable traps aaa server-state-change
snmp-server enable traps config ccmCLIRunningConfigChanged
snmp-server enable traps snmp authentication
snmp-server enable traps link cisco-xcvr-mon-status-chg
snmp-server enable traps vtp notifs
snmp-server enable traps bridge newroot
snmp-server enable traps bridge topologychange
snmp-server enable traps stpx inconsistency
snmp-server enable traps stpx root-inconsistency
snmp-server enable traps stpx loop-inconsistency
snmp-server enable traps system Clock-change-notification
 
the nsm, 10.63.132.100, can poll the router using snmpv3, but if i change from v2 to v3 all traps stop working immediately

thanks for your help 
0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to mulhollandm57

‎03-01-2024 02:41 PM

for testing i use simple below:

snmp-server user balaji network-admin v3 auth sha Mysha priv aes-128 Privaes

check snmp user priv :

#show snmp user

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Georg Pauwen
VIP
VIP

‎03-04-2024 08:41 AM

Hello,

stupid question maybe, but have you set up an SNMPv3 user and trap receiver on the Spectrum ?

0 Helpful
Customers Also Viewed These Support Documents