Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1837
Views
5
Helpful
4
Replies

ASA RA VPN user information using SNMP

benjaminiveagh
Level 1
Level 1

‎12-06-2018 01:06 PM

I have ASA 5508s, 5510s, and 5516s in my environment.  I am using identical configurations all all three platforms, but they do not work on the 5516.  Is there a difference in the SNMP configurations between these platforms?

 

I was looking in the logs.  I initiated a test from our on-prem SolarWinds.  In the logs, I see:

%ASA-3-212006: Dropping SNMP request from <redacted> to <redacted> because: user not found: <username>

 

However, <username> is configured as an SNMP user, and the result of: sh ru | i gdsSNMP

snmp-server group <username> v3 priv
snmp-server user <username> <group> v3 engineID 80000009feedca18a4d864f78636e8b7cb6d1a8de99ee0035d encrypted auth md5 <redacted> priv aes 128 <redacted>
snmp-server user <username> <group> v3 engineID 80000009fef669beb72257f96372cf5e2b16908f867cab235e encrypted auth md5 <redacted> priv aes 128 <redacted>
snmp-server host Core-Uplink <snmp-server-ip> version 3 <username>

 

 I know that if the SNMP request was being blocked by firewall, then the error would be different.

 

Thanks!

Labels:
0 Helpful
4 Replies 4

pieterh
VIP
VIP

‎12-07-2018 06:07 AM

considering:

1) commands do not create a user, but adds a user to an snmp-group

2) <username> is Name of the user on the host that connects to the agent. 

do you also have a

     user <username> password .....

statement  on the host that sends the snmp request?

benjaminiveagh
Level 1
Level 1
In response to pieterh

‎12-10-2018 11:18 AM

Hello Pieterh,

 

Yes, the host that sends the request is using the same statement as they are on all of our other gear, and nothing else is failing, so I can safely assume the statement on the host side is correct.

 

Am I missing a user creation command on the ASA5516?

 

Thanks!

Ben

0 Helpful

Whoops
Level 1
Level 1

‎04-05-2022 04:54 AM

This is old bug:
https://quickview.cloudapps.cisco.com/quickview/bug/CSCuz98722

Workaround: Remove and add the user again.

 

(not username ...)

0 Helpful

pieterh
VIP
VIP
In response to Whoops

‎04-05-2022 07:23 AM

@Whoops 

Hi there, thank you for participating in the forums
but this thread is from 2018, and the bug is from 2020 -> so is this really an "old bug ":-)

0 Helpful
Customers Also Viewed These Support Documents