Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3027
Views
10
Helpful
3
Replies

Snmp v3 on Cisco IOS XE Cupertino 17.8.x

Go to solution
mipxman
Level 1
Level 1

‎08-20-2022 08:46 PM

Hello guys, I try to configure snmp v3 in ISR routers 4451 with Coupertino 17.8.01 but it can't authentication. 

I configure same commands in Amsterdam 17.3.5 BUT it works truly. Is it about Software bug ? 

 

 

 

 

SrDoSnmp: authentication failure, Unknown Engine ID
SrParseV3SnmpMessage: digest mismatch
SrParseV3SnmpMessage: Failed.
SrDoSnmp: authentication failure

 

 

 

 

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to mipxman

‎08-21-2022 02:24 AM - edited ‎08-21-2022 02:25 AM

Use SHA authentication

MD5 - check this bug and upgrade to the suggested version :

https://bst.cisco.com/bugsearch/bug/CSCwa34684

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

3 Replies 3

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎08-21-2022 12:41 AM - edited ‎08-21-2022 12:41 AM

 

I configure same commands in Amsterdam 17.3.5

Can we see those commands? If you are using MD5 authentication, that was deprecated.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
mipxman
Level 1
Level 1
In response to balaji.bandi

‎08-21-2022 01:44 AM - last edited on ‎08-29-2022 10:16 PM by Community Manager

yes Md5 authentication get error

 

 

 

Aug 17 03:41:32.776: %SNMP-6-AUTHPROTOCOLMD5: Authentication protocol md5 support will be deprecated in future
Aug 17 03:41:32.776: %SNMP-6-PRIVPROTOCOLDES: Privacy protocol des support will be deprecated in future
Aug 17 03:41:32.776: %CRYPTO_ENGINE-3-CSDL_COMPLIANCE_FAIL: Cisco PSB security compliance violation is detected. Use of MD5 by SSH Process is denied

 

 

 

but with new authentication method I can't receive  snmp v3 , too .

 

 

 

 

(config)# snmp-server group SNMPMON v3 priv reas READ
(config)# snmp-server view READ internet included
(config)# snmp-server user USER  SNMPMON v3 auth sha SECRET priv ase 256 PASS

 

 

 

 my debug when I send

snmpwalk

command from snmp server : 

 

 

 

#debug snmp packet 
SrDoSnmp: authentication failure, Unknown Engine ID
SrParseV3SnmpMessage: digest mismatch
SrParseV3SnmpMessage: Failed.
SrDoSnmp: authentication failure

 

 

 

 

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to mipxman

‎08-21-2022 02:24 AM - edited ‎08-21-2022 02:25 AM

Use SHA authentication

MD5 - check this bug and upgrade to the suggested version :

https://bst.cisco.com/bugsearch/bug/CSCwa34684

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card