Solved: Re: HA Pair FTD Ver.7.3.1 SNMPv3 problem

razelle · ‎09-19-2023

I'm having trouble getting an FMCv managed HA Pair of 2120s ver. 7.3.1 configured for SNMPv3 monitoring via Auvik collector. The Auvik collector are not detecting SNMP as available. I'm using the devices>platform-settings>snmp as my setup per the documentation. I have tried setting the Host to use the management interface and also tried using network zones but with no luck. The Auvik collector on the subnet is seeing other SNMPv3 devices without issue as well as the FMCv's SNMPv3.

On our same Auvik platform under a different a domain I have an FMCv managed single FP1010 FTD ver. 7.0.6 being monitored via SNMPv3 without issue.

Could this be an HA Pair problem or Version problem?

razelle · ‎09-24-2023

Changing Auth and Encrypt type to use sha256 & aes256 fixed the issue.

View solution in original post

marce1000 · ‎09-20-2023

- Check logs on the Cisco device when snmpv3 polling is expected from the Auvik collector ; you may also tweak privacy algorithms used by snmpv3 and or downgrade to AES128 and check if that makes any difference ,

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

razelle · ‎09-21-2023

Thanks for the reply. I'm using the default security of sha & aes(128). The FTDs and Auvik collector can ping each other but from the collector's Auvik shell portOpen test shows 161 as not open on the FTDs.

Working on it.

razelle · ‎09-24-2023

Changing Auth and Encrypt type to use sha256 & aes256 fixed the issue.