03-18-2024 04:37 AM
I work in an industrial environment which operates 24/7. We use industrial type switches, and we monitor our network from our central control room using SNMPv3 / authpriv.
The issue we have encountered is that if a switch in the field dies unexpectedly, and an electrician goes out to replace it, they swap the SD card in the switch, the SNMPv3 commands are not present and even though the switch is technically online and operational, it appears offline to our control room operator until a technician is onsite and able to enter the SNMP commands - The commands also don't appear in our backup configurations.
Doing some research it appears that the commands are stored within a private configuration file - is there some way around this?
03-18-2024 06:40 AM
- The snmpv3 parameters are stored in : flash:private-configuration.text ; but the file is not accessible for administrators ; essentially when a device is replaced you need to restore the (running) configuration from it anyway which usually include the snmpv3 directives too. If not or not completely save your standard snmpv3 commands in documentation and then configure the switch manually again accordingly. ; which will then update or generate flash:private-configuration.text
M.
03-19-2024 05:23 AM - edited 03-19-2024 06:00 AM
The issue here is response time. The reason we use Industrial type switches in our environment is so that we can rapidly deploy critical spares in the field when units fail. A shift electrician who has no idea of how a switch is configured can simply go out and swap the Card from the old to the new switch and ensure the cabling is correct, unless a memory card becomes corrupted, there is no sitting down to dump a configuration on to a new device, typically they will stay in the area and wait for confirmation from the control room that the device is online, unfortunately since migrating to v3 this has been an issue. - Using V2c previously we had no issues as everything was stored in the running configuration file. - Since my original post, I've made a workaround using an eem script to re-enter the 2 commands in question if the switch is replaced, but it's not ideal since the credentials in the commands can't then be encrypted - at least the SNMP traffic is which I guess is a start.
03-19-2024 10:47 AM
- I don't think there is a 'further shortcut' for this when snmpv3 is being used ,
M.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide