In the ASA configuration displays SNMP communities are obfuscated, like this:
ASA# show conf | i community
snmp-server host outside NMS-SERVER community *****
snmp-server community *****
As near back as 9.2 you could still display those communities using this command:
ASA# more system:running-config | i community
snmp-server host outside NMS-SERVER community public
snmp-server community public
I do not know when it changed, but in version 9.4 the more system:running-config command now also obfuscates the SNMP communites. In version 9.4 is there any way to recover these community strings?
Release notes do not show any change in behavior on 9.4.
However, I feel it depends on the "snmp-server community" command.
Please check :
And confirm if you have used :
snmp-server community 0 cisco
snmp-server community 8 cisco
Since, as per command reference, it is clearly written :
"After you have used an encrypted community string, only the encrypted form is visible to all systems (for example, CLI, ASDM, CSM, and so on). The clear text password is not visible."
For ASA 9.4 version, do:
FW-ASA-01/act# more disk0:/ASA.cfg | i community
snmp-server host MGMT-NOC 192.168.10.100 community P@$$w0rd version 2c udp-port 161
snmp-server community P@$$w0rd
You must ensure that you're in system context.
PS: After type "more disk0:" put the "/" and type "?" to show all context configuration files
Luis Claudio Bruno Piacesi
The community strings are defined within each context, not in the system context. Because each context is its own totally separate virtual firewall they are monitored directly via snmp not through the system context, it doesn't work that way.
Within the context itself the command doesn't work.
#changeto context fw-1
CORFW/pri/act/fw-1# more system:running-config | i community
ERROR: % Invalid input detected at '^' marker