I have an interesting problem at one of my customers. They are using LMS 4.0.1, but they have a problem with user tracking with SNMPv3. They using a very simple SNMP configuration, wich is the following:
access-list 80 permit x.x.x.x
snmp-server group SNMPV3GROUP v3 priv write SNMPV3_VIEW access 80
snmp-server view SNMPV3_VIEW iso included
snmp-server view SNMPV3_VIEW mib-2 included
snmp-server view SNMPV3_VIEW cisco included
User name: SNMPV3USER
Engine ID: 8000000903000014F2C38169
storage-type: nonvolatile active access-list: 80
Authentication Protocol: SHA
Privacy Protocol: AES128
snmp-server group SNMPV3GROUP v3 context vlan-X
Now they have UT working well for their Ctalyst 4500 switches, and the half of the 6500s (They have 2950 switches as well, but for those UT with SNMPv3 is unsupported). So the problem is the following: they have 12 6500 switches, with the same IOS version (10 pieces of WS-C6506-E + SUP720-3B IOS: 12.2(18)SXF17 (IP Services), 2 pieces of WS-C6506 + SUP720-BASE IOS: 12.2(18)SXF17 (IP Services)). They have identical SNMP configuration on both devices. Based on the logs from LMS it seems that on the problematic switches for some reason LMS identifies the switchports as routed:
==============Checking for Device==============
10.255.255.11 : INFO : The switch has been discovered by ANI Server.
IP : 10.255.255.11
Details :Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-IPSERVICESK9-M), Version 12.2(18)SXF17, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by cisco Systems, Inc.
==============Checking for port Gi1/1==============
Gi1/1 : ERROR : ANI Server has discovered this port as a Routed port. Please run the UTDebug command only on ports connected to end hosts.
The config in the device as follows:
switchport access vlan 162
switchport mode access
no ip address
no snmp trap link-status
TOL_6506E_GT_COR_SW1#sh mac- | i Gi1/1
* 162 0050.5648.a765 dynamic Yes 0 Gi1/1
TOL_6506E_GT_COR_SW1#sh ip arp vrf ebh | i 0050.5648.a765
Internet 10.222.224.129 122 0050.5648.a765 ARPA Vlan162
I didn't find any relevant bugs. Has anyone have any idea?
Thanks in advance,