04-19-2018 11:08 AM - edited 03-01-2019 06:32 PM
I'm trying to use the following snmpset commands to send config changes to a 4321 that doesn't seem to have crypto keys generated for ssh. The file rtr-cfg.config just enables telnet. I know the commands work since I tested them on a different device and the commands were pushed.
snmpset -c RWCommunitySTR -v 2c TargetDeviceIP 1.3.6.1.4.1.9.9.96.1.1.1.1.2.668 i 1
snmpset -c RWCommunitySTR -v 2c TargetDeviceIP 1.3.6.1.4.1.9.9.96.1.1.1.1.3.668 i 1
snmpset -c RWCommunitySTR -v 2c TargetDeviceIP 1.3.6.1.4.1.9.9.96.1.1.1.1.4.668 i 4
snmpset -c RWCommunitySTR -v 2c TargetDeviceIP 1.3.6.1.4.1.9.9.96.1.1.1.1.5.668 a tftp-server-ip
snmpset -c RWCommunitySTR -v 2c TargetDeviceIP 1.3.6.1.4.1.9.9.96.1.1.1.1.6.668 s "rtr-cfg.config"
snmpset -c RWCommunitySTR -v 2c TargetDeviceIP 1.3.6.1.4.1.9.9.96.1.1.1.1.14.668 i 1
Are the oids different for 4321s??
Solved! Go to Solution.
04-23-2018 12:55 PM - edited 04-23-2018 02:16 PM
I figured it out! I was trying to do the config transfer via tftp. In the config on another router that has this same issue (except that I can already ssh into it), I found the following command:
ip tftp source-interface gigabitEthernet 0 (the management port which is not connected nor is it configured)
Since there is no cable connected to this interface, tftp will not work. I looked at the copy of the config I have for the router I'm trying to get into and it's pointing to this interface as well. It doesn't appear that FTP nor SCP are supported either even though the options are present for the OID. In this case I will have to send a console cable out and have them connect it to our branch server unfortunately. Glad I can have some closure on why it did not work though.
04-19-2018 12:55 PM
The 4321 supports those OIDs but have you tried it multiple times with the same number at the end of the OIS string (668?)
There is a timeout limit of 5 minutes so maybe something went wrong the first time and now you have to use a different random number to upload the file.
Did you check out this guide?
They also use the 1.3.6.1.4.1.9.9.96.1.1.1.1.14.x value of 4 instead of 1, maybe give that a go?
Hopefully this helps.
04-20-2018 07:22 AM
Yes I've tried it numerous times. There is a way to check the status of the copy using the oid:
.1.3.6.1.4.1.9.9.96.1.1.1.1.10 (ccCopyState)
It sits at a state of 2 for a little while then goes to 4 (failed)
I tried using 4 (createAndGo) like you suggested and got an inconsitentValue error.
04-20-2018 10:51 AM
You should be able to check the status of the failure with
1.3.6.1.4.1.9.9.96.1.1.1.1.13
It might give you some insight into why it failed.
04-20-2018 11:44 AM
That OID returns 3 (timeout). I never even see the tftp attempt begin in wireshark. Also I tested on another 4321 and the commands work as expected on that one so this seems like an issue specific to this router. I'm suppose I'll do some more investigating, maybe do the TFTP from the local subnet and see if that works. I will report back if I find the root cause.
04-23-2018 12:55 PM - edited 04-23-2018 02:16 PM
I figured it out! I was trying to do the config transfer via tftp. In the config on another router that has this same issue (except that I can already ssh into it), I found the following command:
ip tftp source-interface gigabitEthernet 0 (the management port which is not connected nor is it configured)
Since there is no cable connected to this interface, tftp will not work. I looked at the copy of the config I have for the router I'm trying to get into and it's pointing to this interface as well. It doesn't appear that FTP nor SCP are supported either even though the options are present for the OID. In this case I will have to send a console cable out and have them connect it to our branch server unfortunately. Glad I can have some closure on why it did not work though.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide