Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1724
Views
0
Helpful
4
Replies

CSPC issues with SNMPv3

jeffrey.buczko
Level 1
Level 1

‎02-10-2017 04:47 PM

I am trying to discover devices with SNMP v3 and it keeps failing.  I have tested SNMPv2c on the same device and it works fine.  There are no ACL.  We are using using SHA-1 and AES-128 and the usernames and passwords are correct.  Has anyone had this issue with discovering devices using SNMPv3

Labels:
0 Helpful
4 Replies 4

npicard
Cisco Employee
Cisco Employee

‎02-15-2017 11:21 AM

Hello Jeffrey,

I have removed the SNMP Config text from your post as it may contain sensitive information. An engineer will respond to your inquiry soon.

Thanks,

Nathalie

0 Helpful

taywelch
Cisco Employee
Cisco Employee
In response to npicard

‎02-15-2017 11:30 AM

Hello Jeffrey, 

What version is the collector running?

Thanks, 

0 Helpful

niduddin
Level 1
Level 1

‎02-15-2017 11:44 AM

Hi jeffrey, 

The previous answer on the community seems relevant to your post. Could you try to see if they resolve your issue?

"When you first discover a device, the collector will go through every credential and try to use it on the device. So if you have 3 snmpv3 strings and 3 snmpv2 strings and 3 ssh credentials, then collector will try a total of 9 credentials.

It will then "remember" which credentials worked on the device.

When the inventory runs, it will then use the credentials that worked during the discovery to do the device polling. If the credentials changed between the time the device was discovered and the time time the inventory runs, then it is possible that the inventory will not complete successfully on the device.

This should be easily fixed by going to Settings > Manage Data Collection Profiles and modifying the profile details so that the box "Run Discovery before Inventory" is selected. 

If that doesn't work, sometimes you have to "unhook" the old credential with the new one by un-managing the device and re-discovering it. You do this by going to Management > Unmanage Devices and then selecting the device(s) that are giving you issues. Then re-run the discovery by going to Management > Discover and Manage Device and add them back in by IP."

https://supportforums.cisco.com/discussion/12935766/inquiry-snmp-v3-discovery

Please let me know if those steps resolved your issue.

0 Helpful

antchris
Cisco Employee
Cisco Employee

‎02-15-2017 12:40 PM

Hi jeffery.buczko,

Please confirm that you can successfully snmpwalk from the CSPC to the desired devices - below you can find the syntax for which to perform the snmpwalk from the CSPC CLI. 

snmpwalk -v3  -l <noAuthNoPriv|authNoPriv|authPriv> -u <username> [-a auth algorithm] [-A <authpass>]  [-x privacy algorithm] [-X <privpass>] <ipaddress>

If you cannot walk to the device from the CSPC successfully, then please check the snmpv3 config on the device side.

Also, did you create the necessary 'Device Credential' via the CSPC WebUI that has the required snmp data? I understand that you made mention of trying in v2 (successfully), but I'd just like to confirm this detail to help rule this option out. Also when triggering the manual discovery job, please ensure to select the appropriate 'Management Protocol' as 'snmpv3' in the drop-down box per the 'Discovery Schedule Options' window - this should be the last window where you will see the 'Finish' button to execute. If the issue persists, please let me know.

Thanks,
Anthony

0 Helpful
Customers Also Viewed These Support Documents