Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1304
Views
0
Helpful
2
Replies

LMS 4.2 and SNMPv3

Go to solution
jvalentine22
Level 1
Level 1

‎11-21-2012 11:32 AM

Hi all,

We have a requirement for SNMPv3.  I have implemented it on a test switch, and added a device credential set for it.  This switch, which was previously discoverable (and it's traps viewable) via SNMPv2 is no longer visible to LMS.  I'm had thought my configs were correct, but perhaps not, so I'm not sure if I am missing something in LMS.  Any thoughts appreciated!

Here are the configs on the switch:

snmp-server view LMS iso included

snmp-server view LMS at excluded

snmp-server view LMS snmpUsmMIB excluded

snmp-server view LMS snmpVacmMIB excluded

snmp-server view LMS snmpCommunityMIB excluded

snmp-server group LMS v3 priv read v3read write v3write notify LMS

snmp-user LMS LMS v3 auth md5 authPW priv aes 128 privPW

snmp-server host x.x.x.x traps version 3 priv LMS

Thanks for any assistance!                 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Vinod Arya
Cisco Employee
Cisco Employee

‎11-21-2012 12:06 PM

Seems the SNMP v3 config is not correct.

Please see my comments inline (in bold blue) as per your config, in what i think is incorrect:

snmp-server view LMS iso included     --> correct

snmp-server view LMS ####at excluded     --> dont know if #'s are by mistake

snmp-server view NMS snmpUsmMIB excluded --> Not sure if NMS is typo or you made a new view after LMS.

snmp-server view LMS snmpVacmMIB excluded      --> correct

snmp-server view LMS snmpCommunityMIB excluded     --> correct

snmp-server group LMS v3 priv read v3read write v3write notify LMS `--> Incorrerect, as after read and write you should have a SNMP View which is configured with "snmp-server view" command, which is either LMS or NMS in your case. There is no v3read or v3write configured.

snmp-user LMS LMS v3 auth md5 authPW priv aes 128 privPW      -->Not sure if "snmp-user" is again a typo, else everything is correct.

snmp-server host x.x.x.x traps version 3 priv NMS      --> There is no user as 'NMS'. after priv it should be either "SNMPv1/v2c community string or SNMPv3 user name". I dont see any username as NMS, as per config it should be LMS.

-Thanks

-Thanks Vinod **Rating Encourages contributors, and its really free. **

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Vinod Arya
Cisco Employee
Cisco Employee

‎11-21-2012 12:06 PM

Seems the SNMP v3 config is not correct.

Please see my comments inline (in bold blue) as per your config, in what i think is incorrect:

snmp-server view LMS iso included     --> correct

snmp-server view LMS ####at excluded     --> dont know if #'s are by mistake

snmp-server view NMS snmpUsmMIB excluded --> Not sure if NMS is typo or you made a new view after LMS.

snmp-server view LMS snmpVacmMIB excluded      --> correct

snmp-server view LMS snmpCommunityMIB excluded     --> correct

snmp-server group LMS v3 priv read v3read write v3write notify LMS `--> Incorrerect, as after read and write you should have a SNMP View which is configured with "snmp-server view" command, which is either LMS or NMS in your case. There is no v3read or v3write configured.

snmp-user LMS LMS v3 auth md5 authPW priv aes 128 privPW      -->Not sure if "snmp-user" is again a typo, else everything is correct.

snmp-server host x.x.x.x traps version 3 priv NMS      --> There is no user as 'NMS'. after priv it should be either "SNMPv1/v2c community string or SNMPv3 user name". I dont see any username as NMS, as per config it should be LMS.

-Thanks

-Thanks Vinod **Rating Encourages contributors, and its really free. **
0 Helpful

Go to solution
jvalentine22
Level 1
Level 1
In response to Vinod Arya

‎11-23-2012 06:10 AM

Hi Vinod,

Thank you, the group config was the problem!  LMS is able to discover the test device via SNMPv3 now.  Much appreciated!

And yes, the LMS/NMS was a typo above, sorry about that.

Many thanks,

Jen

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents