Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10913
Views
5
Helpful
6
Replies

ASA 8.2(1) - SNMP Masked

sachinraja
Level 9
Level 9

‎02-11-2011 01:53 PM - edited ‎03-11-2019 12:49 PM

Hi All

Just a quick one. in ASA 8.2(1) is the SNMP community name masked when seeing in running config ?

"snmp-server community *****"

Is this a default feature or can be turned off ?

Raj

1 person had this problem
Labels:
0 Helpful
6 Replies 6

PAUL GILBERT ARIAS
Level 5
Level 5

‎02-11-2011 03:46 PM

on my ASA running 8.0 it shows the community in clear text.

0 Helpful

Federico Coto Fajardo
VIP Alumni
VIP Alumni
In response to PAUL GILBERT ARIAS

‎02-11-2011 04:19 PM

Hi,

I also see the SNMP community masked.

But you can do:  more system:running-config to see the actual string in the configuration.

Hope it helps.

Federico.

sachinraja
Level 9
Level 9
In response to Federico Coto Fajardo

‎02-11-2011 05:29 PM

Fredrico

Thanks.. I know my SNMP string.. the issue is :

we are using NCM to check compliance for ASA devices, and since NCM doesnt see the community string on the running config, it marks the device as non-compliant. We want to avoid this.. We need community string to be unmasked.. Is there a command I can unmask this?

Regards

0 Helpful

PAUL GILBERT ARIAS
Level 5
Level 5

‎02-11-2011 06:04 PM

Probably that changes depending on the version i will set a lab and let you know

Sent from Cisco Technical Support iPhone App

0 Helpful

sachinraja
Level 9
Level 9
In response to PAUL GILBERT ARIAS

‎02-14-2011 09:17 AM

Any luck with this?

I still dont see any commands in 8.2(1) which can unmask the SNMP string . If not possible, Ill have to create an exception in NCM !

Thanks in advance

0 Helpful

PAUL GILBERT ARIAS
Level 5
Level 5
In response to sachinraja

‎02-14-2011 10:08 AM

I tested on verison 8.0.4 and it shows in clear text then I tested in 8.2.2 and now it shows just *********

Here is what the command reference shows on 8.0

snmp-server community text

And this is what is shows on 8.2

snmp-server community community-string

The text argument was changed to the community-string argument.

http://www.cisco.com/en/US/partner/docs/security/asa/asa82/command/reference/s8.html#wp1508233

This was an enhancement on the command to provide better security.

I hope this helps.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card