I would like to know if there is any chance to have running in a cisco device SNMPv2 and SNMPv3 at the same time? I would like to know if both protocols could coexist?.
I am in process of migrating from SNMPv2 to SNMPv3 and I would like to execute all the commands of SNMPv3 on my cisco devices first. My SNMP manager would continue collecting MIB information with SNMPv2. And then I am going to modify the configuration of the SNMP manager.
First I would like to make coexist SNMPv2 and SNMPv3 on all my cisco equipments. And after that I would modify my snmp manager to v3.
Is this posible?
Thanks in advanced!
The switch device can have both snmpv3 users and groups and snmpv2 community strings. I believe that will depend on your snmp manager if it will allow/accept both v2 and v3 traps from the network device. We switched over our firewalls to v3, just not all of our network switches.
I am currently in the middle of upgrading to snmpv3; most of our devices are still running snmpv2 and a few are already on v3 for testing.
What you are asking is possible and people always use this approach in migrating from v2 to v3.
You can have v2 and v3 coexist and also mulitiple community strings in v2 and multiple username and passwords in v3.
It should work perfectly fine. Once you completely move to snmp v3, following document can be useful to learn how to disable v1/v2c completely:
I had the same query and this answer clarified it.
However, on top of it, I have one more requirement as below.
I am using multiple monitoring servers based on ICMP and SNMP to monitor Cisco CPE's. All are being migrated to SNMPv3 now. But some of my servers don't support SNMPv3, on which I am using for traps to receive from CPE.
Can I make such configuration that, SNMPv3 is active for all services but SNMPv2 will send only proactive traps from CPE to the monitoring servers?
Cisco CPE <<<<< snmpv3 <<<<< Monitoring Server1
Cisco CPE >>>>> snmpv2 (traps) >>>>> Monitoring Server1