Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1064
Views
0
Helpful
1
Replies

Changing snmp authentication and encryption passwords.

fmaina001
Level 1
Level 1

‎06-04-2014 09:34 AM

 We are in the process of changing authentication and encryption passwords to  strings with more characters.

Our current snmp v3 configuration s work well and we are able to poll our devices from our NMS.

Our current configuration is as follows.

snmp-server group usergroup1 v3 priv notify *tv.FFFFFFFF.FFFFFFFF.FFFFFFFF.FFFFFFFF7F
snmp-server group usergroup2  v3 priv read SNMP-View access MONITORING
snmp-server view SNMP-View internet included
snmp-server view SNMP-View system included
snmp-server view SNMP-View interfaces included
snmp-server view SNMP-View chassis included
snmp-server enable traps snmp linkdown linkup coldstart warmstart
snmp-server enable traps envmon fan shutdown temperature status
snmp-server host X.X.X.X version 3 priv user
snmp ifmib ifindex persist

User name: user1
Engine ID: 800000090300001F6DF5FE83
storage-type: nonvolatile        active access-list: MONITORING
Authentication Protocol: MD5
Privacy Protocol: AES128
Group-name: usergroup2

 

#sh snmp group
groupname: usergroup1                        security model:v3 priv
readview : <no readview specified>          writeview: <no writeview specified>       
notifyview: *tv.FFFFFFFF.FFFFFFFF.FFFFFFFF.F
row status: active

groupname: usergroup2                      security model:v3 priv
readview : SNMP-View                 writeview: <no writeview specified>       
notifyview: <no notifyview specified>      
row status: active      access-list: MONITORING

 

To change the authentication password  , delete all the commands using the no option, then write memory and input my new configuration with new credentials.

 

snmp-server group usergroup1 v3 priv
snmp-server group usergroup2  v3 priv read SNMP-Secure-View access MONITORING

snmp-server group user1 usergroup2  v3 v3 auth md5 pass1  priv aes pass2
snmp-server view SNMP-View internet included
snmp-server view SNMP-View system included
snmp-server view SNMP-View interfaces included
snmp-server view SNMP-View chassis included
snmp-server enable traps snmp linkdown linkup coldstart warmstart
snmp-server enable traps envmon fan shutdown temperature status
snmp-server host X.X.X.X version 3 priv user
snmp ifmib ifindex persist

But snmp fails because the user does not show active Accesslist as before t configutation change.

User name: user1
Engine ID: 800000090300001F6DF5FE83
storage-type: nonvolatile        active
Authentication Protocol: MD5
Privacy Protocol: AES128
Group-name: usergroup2

 

#sh snmp group
groupname: usergroup1                        security model:v3 priv
readview : <no readview specified>          writeview: <no writeview specified>       
notifyview: *tv.FFFFFFFF.FFFFFFFF.FFFFFFFF.F
row status: active

groupname: usergroup2                      security model:v3 priv
readview : SNMP-View                 writeview: <no writeview specified>       
notifyview: <no notifyview specified>      
row status: active      access-list: MONITORING

Any suggestion as to why user1 is not showing Monitoring acceslist as before?

Labels:
0 Helpful
1 Reply 1

AFROJ AHMAD
Cisco Employee
Cisco Employee

‎06-04-2014 09:26 PM

so now , with user1 you are not able to poll the device  via SNMP ?

Hope you would have deleted the group first then deleted the use  and finally you have reconfigured the group followed by user ?

 

I think you forgot to delete the host command "snmp-server host X.X.X.X version 3 priv user"

delete the host command as well and then reconfigure it from scratch . hope it will work

 

Thanks-

Afroz

***Ratings Encourages Contributors ****

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****
0 Helpful
Customers Also Viewed These Support Documents