SNMPv3 on Cisco Nexus 9000 with snmpwalk

rumak18
Level 1

Hello,

I've done the following config on my Cisco 92348-GC switch:

nex1-9000(config)# snmp-server protocol enable
nex1-9000(config)# snmp-server location MYLOCAL
nex1-9000(config)# snmp-server engineID local AA:BB:CC:DD:EE:FF
nex1-9000(config)# snmp-server user snmp.user network-operator auth sha-256 $MYPASS priv $PRIVACYPASS engineID AA:BB:CC:DD:EE:FF

 

Now when I try snmpwalk from a Linux machine, I am only able to connect with "authNoPriv", although, in my opinion, the privacy is configured with the command "priv" for the user.

This cli command with "authNoPriv" works:

snmpwalk -v3 -a SHA-256 -A $MYPASS -x AES -X $PRIVACYPASS -u snmp.user -l authNoPriv 10.10.1.100

This command with "authPriv" does NOT work, with the error "Unsupported security level":

snmpwalk -v3 -a SHA-256 -A $MYPASS -x AES -X $PRIVACYPASS -u snmp.user -l authPriv 10.10.1.100

 

So obviously the encryption does not work. 

I've also tried to enforce encryption for the user with the command:

nex1-9000(config)#snmp-server user snmp.user.r enforcePriv
priv protocol not set for the user

But this also does not work on the switch with the error message "priv protocol not set for the user".

So what am I doing wrong here?

2 Replies

rumak18
Level 1

Hi,

Thanks for your hints. But I've already recreated the user several times. And in fact I see it like you. Something is missing in the user's config. This can also be seen in the "show snmp user" output:

But then again...what to do with the missing encryption protocol...?

nex1-9000# show snmp user
______________________________________________________________
SNMP USERS
______________________________________________________________

User       Auth     Priv(enforce)  Groups            acl_filter
____       ____     _____________  ______            __________
admin      md5      aes-128(no)    network-admin
snmp.user  sha-256  no             network-operator

______________________________________________________________
NOTIFICATION TARGET USERS (configured for sending V3 Inform)
______________________________________________________________

User Auth Priv
____ ____ ____
snmp.user sha-256 aes-128
(EngineID )
11:12:22:33:44:55

rumak18
Level 1

OK. I've resolved this issue. The switch needed a reboot. It obviously did not accept all my commands. After rebooting and configuring it from scratch, it worked.
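
Added example, not part of the thread: a small Python check that reads "show snmp user" output like the listing posted above and reports users with no privacy protocol or with privacy not enforced. The function names are hypothetical and the column order (User, Auth, Priv(enforce), Groups) is assumed from that listing; other NX-OS releases may format it differently.

```python
import re

# Constructed input: the "show snmp user" rows posted in the thread above.
SAMPLE = """\
SNMP USERS
______________________________________________________________
User Auth Priv(enforce) Groups acl_filter
____ ____ _____________ ______ __________
admin md5 aes-128(no) network-admin
snmp.user sha-256 no network-operator
______________________________________________________________
NOTIFICATION TARGET USERS (configured for sending V3 Inform)
User Auth Priv
snmp.user sha-256 aes-128
"""

# Priv column looks like "aes-128(no)" when a protocol is set, plain "no" otherwise.
PRIV_RE = re.compile(r"^(?P<proto>[A-Za-z0-9-]+)\((?P<enforce>yes|no)\)$")


def parse_snmp_users(text):
    """Return one dict per row of the SNMP USERS table (assumed column order)."""
    users, in_table = [], False
    for line in text.splitlines():
        line = line.strip()
        if line == "SNMP USERS":
            in_table = True
        elif line.startswith("NOTIFICATION TARGET USERS"):
            break  # inform targets are a separate table, not local users
        fields = line.split()
        is_rule = set(line) <= set("_ ")  # underline / separator rows
        if not in_table or len(fields) < 3 or fields[0] == "User" or is_rule:
            continue
        m = PRIV_RE.match(fields[2])
        users.append({"user": fields[0], "auth": fields[1],
                      "priv": m.group("proto") if m else None,
                      "enforce": bool(m) and m.group("enforce") == "yes"})
    return users


def audit(text):
    """Map user name -> finding for users whose traffic may go unencrypted."""
    findings = {}
    for u in parse_snmp_users(text):
        if u["priv"] is None:
            findings[u["user"]] = "no priv protocol configured"
        elif not u["enforce"]:
            findings[u["user"]] = "priv configured but not enforced"
    return findings
```

Run against the output above, this reports snmp.user as having no priv protocol, which matches the failing authPriv query, and admin as having aes-128 without enforcement.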