Hi everyone!

Can somebody help me to reset IPSec Site-to-Site through SNMPSET command.

I have Cisco PIX515E and Cisco 892. I tried to use following commands to reset IPSec, but no lucks and I connot understand why =(

First: Get index of ipsec tunnel on Cisco PIX (for example):

snmpwalk -v2c -c snmpcomRO 172.16.22.2 .1.3.6.1.4.1.9.9.171.1.2.3.1.7

SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.17354752 = STRING: "66.52.253.146"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.17379328 = STRING: "93.115.31.103"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.17391616 = STRING: "52.209.218.25"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.17424384 = STRING: "178.114.174.105"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.35581952 = STRING: "82.126.65.198"

for example let's get 17424384.

Next try to destroy it:

#snmpset -v2c -c snmpcomRW 172.16.22.2 .1.3.6.1.4.1.9.9.171.1.2.3.1.35.17424384 i 2
Error in packet.
Reason: (genError) A general failure occured
Failed object: SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.35.17424384

If I check availability of SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.35.17424384 I receive:

# snmpget -v2c -c snmpcomRO 172.16.22.2 .1.3.6.1.4.1.9.9.171.1.2.3.1.35.17424384
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.35.17424384 = INTEGER: 1

It was on Cisco PIX.

Behavior on Cisco router 892:

# snmpwalk -v2c -c snmpcomRO 192.168.123.1 .1.3.6.1.4.1.9.9.171.1.2.3.1.7
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.781 = STRING: "085.033.081.016"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.783 = STRING: "081.234.232.252"
SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.7.784 = STRING: "213.198.171.030"

Let's get index 781.

# snmpset -v2c -c snmpcomRW 192.168.123.1 .1.3.6.1.4.1.9.9.171.1.2.3.1.35.781 i 2
Error in packet.
Reason: commitFailed
Failed object: SNMPv2-SMI::enterprises.9.9.171.1.2.3.1.35.781

I have the following configuration SNMP on cisco router:

snmp-server community snmpcomRW RW snmp-allow

snmp-server community snmpcomRO RO snmp-allow

If I try to snmpset another OID all fine:

# snmpset -v2c -c snmpcomRW 192.168.123.1 system.sysContact.0 s ZzzzZ2
SNMPv2-MIB::sysContact.0 = STRING: ZzzzZ2

# snmpget -v2c -c snmpcomRW 192.168.123.1 system.sysContact.0
SNMPv2-MIB::sysContact.0 = STRING: ZzzzZ2