Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1388
Views
0
Helpful
4
Replies

Using SNMP to verify AAA Authentication

GreatBeach
Level 1
Level 1

‎01-14-2019 09:52 AM

I am using a script to poll through our switches for minimum switch compliance (code version, temp, etc..).  Sometimes switches are put online without AAA configured and I would like to track when this happens.   I would like to pull this information via SNMP instead of logging into the switch - is this possible?

 

I found some information for 'CISCO-AAA-SESSION-MIB' but it does not work for any of our models.  However, I am not an expert by no means and thought I am probably leaving something out obvious. 

Labels:
0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎01-14-2019 09:59 AM

what is the models here, and what code it running ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

GreatBeach
Level 1
Level 1
In response to balaji.bandi

‎01-14-2019 10:20 AM

Thanks for the reply.   We have 3750[G|X] and 3850's as well.   Here are our minimum standard code levels:

 

3750 12.2 55 SE 11
3750X

150-2.SE7 and 150-2.SE10a
3850

03.06.06E

 

The switch could have a newer or older code level however as these switches are sometimes new out of the box or older ones from storage.

0 Helpful

Yinchuan
Level 1
Level 1

‎01-14-2019 10:09 AM

You may use RW community to direct switches to upload its configuration to a TFTP server, then check for that on TFTP server.

Or you may enable HTTP access to run something like `show run | section aaa`.

0 Helpful

GreatBeach
Level 1
Level 1
In response to Yinchuan

‎01-14-2019 10:26 AM

Thank you, I also thought about grabbing the config via TFTP but wanted to explore the SNMP possibilities first. We have a standard username and password for switches that we are staging for AAA management (which is later removed). I could run through my switches and try the default credentials via SSH or Telnet. I might go that route. This is good information to have as anyone knowing the default creds could cause some serious trouble on our network.
0 Helpful
Customers Also Viewed These Support Documents