11-21-2010 01:33 PM
Hello all,
I'm trying to set up snmp v3 to send informs (not traps) to a NMS in the local network. I've got the user, auth password, group, etc. set up, and I can query the switch from the NMS, but no informs would send even I've configured the switch to send vlan changes and general snmp (warm/cold start, link up/down, etc) to the NMS. I'm running into a deadend and was wondering if anyone can see if there's anything missing in this config:
Config parameters (used for testing only):
-auth no private
-NMS IP 10.0.0.21
-informs enabled (no traps)
-user = userv3
-group = groupv3
-auth = md5-encrypted "authkeyv3"
-read/write/notify viewname = viewv3
snmp-server user userv3 groupv3 v3 auth md5 authkeyv3
snmp-server group groupv3 v3 auth read viewv3 write viewv3 notify viewv3
snmp-server host 10.0.0.21 inform version 3 auth userv3 vlancreate vlandelete config snmp
1382 SNMP packets input
0 Bad SNMP version errors
13 Unknown community name
0 Illegal operation for community name supplied
0 Encoding errors
1380 Number of requested variables
0 Number of altered variables
1363 Get-request PDUs
0 Get-next PDUs
0 Set-request PDUs
1378 SNMP packets output
0 Too big errors (Maximum packet size 1500)
0 No such name errors
0 Bad values errors
0 General errors
1276 Response PDUs
9 Trap PDUs
SNMP global trap: disabled
SNMP logging: enabled
Logging to 10.0.0.21.162, 0/10, 0 sent, 0 dropped.
SNMP Manager-role output packets
0 Get-request PDUs
0 Get-next PDUs
0 Get-bulk PDUs
0 Set-request PDUs
0 Inform-request PDUs
0 Timeouts
0 Drops
SNMP Manager-role input packets
0 Inform request PDUs
0 Trap PDUs
0 Response PDUs
0 Responses with errors
SNMP informs: enabled
Informs in flight 0/25 (current/max)
Logging to 10.0.0.21.162
0 sent, 0 in-flight, 0 retries, 0 failed, 0 dropped
SNMP agent enabled
Would I need to configure the remote engineID for this to work?
Thanks,
-Will
Solved! Go to Solution.
11-21-2010 02:54 PM
That is correct. The switch will send the inform with the NMS's engineID. Therefore the switch needs to know the proper remote engineID. See http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html#wp21645 and http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf014.html#wp1001347 .
11-21-2010 01:36 PM
Yes. With informs, it's the remote agent who is authoritative, so you will need to make the device aware of that agent's engineID.
11-21-2010 01:58 PM
Thanks Joseph. I hope I'm understanding this correctly - Since the SWITCH is sending the informs to the NMS, the NMS is considered the "remote agent", thus its engineID (I'll need to figure out how to find it) will need to be configured in the SWITCH itself via snmp-server engineid remote [IP] [engineID]?
-Will
11-21-2010 02:54 PM
That is correct. The switch will send the inform with the NMS's engineID. Therefore the switch needs to know the proper remote engineID. See http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html#wp21645 and http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf014.html#wp1001347 .
11-23-2010 12:07 PM
Is there an easy way to to discover the remote engine ID from a client? As I understand it there is a mechanism in V3 that allows for auto-discovery during the 2-way handshake.
11-23-2010 12:10 PM
Simply do an SNMPv3 GET or GET-NEXT from your NMS. That will trigger engineID discovery. The NMS agent will return a REPORT PDU that contains its authoritative engineID.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide