Solved: C1111 SNMPV3 failure, not working

peter.zhu · ‎08-11-2025

Hi All, we encountered SNMP failure after RMA replacement, the setting remained as before, but error indicated snmp user not authorized, below is the setting and error log

snmp-server host 194.74.80.139 vrf LAN version 3 priv bt_Smarts_RO
snmp-server host 194.74.84.139 vrf LAN version 3 priv bt_Smarts_RO
snmp-server host 194.74.80.139 version 3 priv bt_Smarts_RO_BTdal
snmp-server host 194.74.80.139 vrf LAN version 3 priv bt_Smarts_RO_BTdal
snmp-server host 194.74.84.139 version 3 priv bt_Smarts_RO_BTdal
snmp-server host 194.74.84.139 vrf LAN version 3 priv bt_Smarts_RO_BTdal

snmp-server group BtRO v3 priv read bt-view write none access 19
snmp-server group BtRW v3 priv write bt-view access 20
snmp-server group Naam v3 priv read SmartsROView write none access 20
snmp-server group BT_RO v3 priv read bt-view write none access 19
snmp-server group BT_RW v3 priv write bt-view access 20
snmp-server group Makita v3 priv read customer write none
snmp-server group Smarts v3 priv read SmartsROView write none access 17
snmp-server group Concord v3 priv write Concord access 18
snmp-server group Voyence v3 priv write Voyence access 20
snmp-server group bt_Smarts_RO v3 priv
snmp-server group bt_Smarts_RO_BTdal v3 priv

Aug 11 05:43:38.574 UTC: SNMP: Packet sent via UDP to 194.102.8.14
Aug 11 05:43:38.889 UTC: SNMP: Packet received via UDP from 194.102.8.14 on Tunnel1SrParseV3SnmpMessage:Wrong User Name.
SrParseV3SnmpMessage: Failed.
SrDoSnmp: authentication failure

Aug 11 05:43:38.890 UTC: SNMP: Report, reqid 2147483647, errstat 0, erridx 0
usmStats.3.0 = 10359SrGenerateNotification: Failed to find Group name in GroupTable.
SrGenerateNotification: Failed to find Group name in GroupTable.
SrGenerateNotification: Failed to find Group name in GroupTable.
SrGenerateNotification: Failed to find Group name in GroupTable.
SrGenerateNotification: Failed to find Group name in GroupTable.
SrGenerateNotification: Failed to find Group name in GroupTable.

SrV2GenerateNotification:Function has reached clean up routine.

Aug 11 05:43:38.893 UTC: SNMP: Packet sent via UDP to 194.102.8.14
Aug 11 05:43:39.168 UTC: SNMP: Packet received via UDP from 194.102.8.14 on Tunnel1SrParseV3SnmpMessage:Wrong User Name.
SrParseV3SnmpMessage: Failed.
SrDoSnmp: authentication failure

Aug 11 05:43:39.169 UTC: SNMP: Report, reqid 2147483647, errstat 0, erridx 0
usmStats.3.0 = 10360SrGenerateNotification: Failed to find Group name in GroupTable.
SrGenerateNotification: Failed to find Group name in GroupTable.
SrGenerateNotification: Failed to find Group name in GroupTable.
SrGenerateNotification: Failed to find Group name in GroupTable.
SrGenerateNotification: Failed to find Group name in GroupTable.
SrGenerateNotification: Failed to find Group name in GroupTable.

SrV2GenerateNotification:Function has reached clean up routine.

Aug 11 05:43:39.172 UTC: SNMP: Packet sent via UDP to 194.102.8.14
Aug 11 05:43:39.489 UTC: SNMP: Packet received via UDP from 194.102.8.14 on Tunnel1SrParseV3SnmpMessage:Wrong User Name.
SrParseV3SnmpMessage: Failed.

Enes Simnica · ‎08-11-2025

hello @peter.zhu The log lines Wrong User Name and Failed to find Group name in GroupTable mean the SNMPv3 request is coming in with a username the device doesn’t have mapped to any group. After an RMA, this often happens because SNMPv3 users (with their auth/priv passwords) aren’t fully restored from the old box, they aren’t shown in the running config and must be re-entered manually. And use teh show snmp user, and make sure bt_Smarts_RO and bt_Smarts_RO_BTdal exist, have the correct auth/priv settings, and are tied to the right groups. ANn if they are missing add them with the:

snmp-server user bt_Smarts_RO bt_Smarts_RO v3 auth sha <auth-pass> priv aes 128 <priv-pass>
snmp-server user bt_Smarts_RO_BTdal bt_Smarts_RO_BTdal v3 auth sha <auth-pass> priv aes 128 <priv-pass>

meaning that once the user and group match exactly, the authentication failures should stop.... hope it helps and peace!

-Enes

more Cisco?!
more Gym?!

If this post solved your problem, kindly mark it as Accepted Solution. Much appreciated!

View solution in original post

Enes Simnica · ‎08-11-2025

hello @peter.zhu The log lines Wrong User Name and Failed to find Group name in GroupTable mean the SNMPv3 request is coming in with a username the device doesn’t have mapped to any group. After an RMA, this often happens because SNMPv3 users (with their auth/priv passwords) aren’t fully restored from the old box, they aren’t shown in the running config and must be re-entered manually. And use teh show snmp user, and make sure bt_Smarts_RO and bt_Smarts_RO_BTdal exist, have the correct auth/priv settings, and are tied to the right groups. ANn if they are missing add them with the:

snmp-server user bt_Smarts_RO bt_Smarts_RO v3 auth sha <auth-pass> priv aes 128 <priv-pass>
snmp-server user bt_Smarts_RO_BTdal bt_Smarts_RO_BTdal v3 auth sha <auth-pass> priv aes 128 <priv-pass>

meaning that once the user and group match exactly, the authentication failures should stop.... hope it helps and peace!

-Enes

more Cisco?!
more Gym?!

If this post solved your problem, kindly mark it as Accepted Solution. Much appreciated!

peter.zhu · ‎08-11-2025

thanks Enes, I am asking security team for the password and share the result after remapping the username and group manually

peter.zhu · ‎08-21-2025

Hi Enes, the snmp polling back to normal after reconfig the snmp user, thanks for your kind support

Enes Simnica · ‎08-22-2025

@peter.zhu Happy it helped bro, and PEACE!!!!!

more Cisco?!
more Gym?!

If this post solved your problem, kindly mark it as Accepted Solution. Much appreciated!