Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1461
Views
5
Helpful
4
Replies

delete snmp v2 credentials for Assurance

adrian916
Level 1
Level 1

‎12-02-2019 01:26 PM

We no longer use SNMP v2 and now use SNMP v3 in DNA .(The v2 community strings were removed from the switches and the v3 settings applied instead

After re-running discovery, the devices are detected and managed using the v3 credentials.

However, Assurance shows that all but one device is unmonitored. The only monitored device is one where we have not removed the 'public' and 'private' v2 community strings

I cannot delete the SNMP v2 credentials from DNA-C network settings as I get the error:

"Credential {SNMPv2-ro} is associated with Network Settings for site - Global. You must either associate a different credential or create a new credential of the same type and associate it with the site, prior to deletion."

How can I delete these v2 credentials which are now unused, or how can I get Assurance to use the v3 credentials in order to monitor the switches, as these are defined at the Global network settings level

Labels:
0 Helpful
4 Replies 4

Preston Chilcote
Cisco Employee
Cisco Employee

‎12-02-2019 02:21 PM

Last I saw, snmpv2 is still required for full assurance and telemetry (especially for traps sent to Cisco DNA-Center).  SNMPv3 credentials are used for polling some basic information, like CPU and memory, but Assurance needs more information than that.  I assume SNMPv3 will be supported someday, but it would be useful for you to use the "make a wish" function in the Cisco DNA dashboard to communicate that to our development teams.

adrian916
Level 1
Level 1
In response to Preston Chilcote

‎12-03-2019 01:59 AM

Thanks for that information. At least I'm not going mad trying to find something that isn't there! 

0 Helpful

ChuckMcF
Level 1
Level 1
In response to adrian916

‎01-17-2020 08:48 AM

A few days ago I did a "Make A Wish" for them to quit using SNMPv1 and SNMPv2 and instead allow us to set up credentials for SNMPv3 with AES and SHA (128 and 256 options). Hopefully that is put into a future upgrade. If you make a similar request in Make A Wish it may help move it in priority.

Hope this is helpful,

Chuck

0 Helpful

adrian916
Level 1
Level 1
In response to ChuckMcF

‎01-17-2020 10:39 AM

Thanks. We had a call with cisco TAC and I think they are planning v3 support. In relation to the original post, we had to restart the snmp service from cli in order to pick up the new v2 credentials for assurance as it wasn't happening automatically for some reason (they collected loads of logs for further investigation! ) 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents