My company's Cisco Small Business SG350 switches don't seem to work with the SNMPv3 protocol when sending traps to a Linux host running snmptrapd. Everything works seamlessly with SNMPv2c; however, my employer requires encryption to be used for security reasons.
I'm sending traps (rlLockPortTrap, OID: 1.3.6.1.4.1.9.6.1.101.0.170) upon port security events, with this debug message sent to the CLI:
30-Aug-2021 14:40:14 %2SWPORT-W-LOCKPORTACTIVE: A packet with source MAC 00:e0:4c:68:05:63 tried to access through port gi24 which is locked
I'm using these commands in config mode for SNMPv2:
# snmp-server enable traps
# snmp-server host 192.168.0.250 version 2c public
However, nothing is logged to snmptrapd when using SNMPv3 priv/auth/noauth modes (I've tried them all):
# snmp-server enable traps
# snmp-server group port-security v3 priv
# snmp-server user <username> port-security v3 auth sha512 <password1> priv <password2>
# snmp-server host 192.168.0.250 traps version 3 priv <username>
# sh snmp user
User name : <username>
Group name : port-security
Authentication Method : SHA512
Privacy Method : AES-128
Remote :
Auth Password (Encrypted) : <password1>
Priv Password (Encrypted) : <password2>
# sh snmp engineid
Local SNMP engineID: 80000009034ca64dc77ce5
snmptrapd.conf:
traphandle .1.3.6.1.4.1.9.6.1.101.0.170 /etc/snmp/handler.py
createUser -e 0x80000009034ca64dc77ce5 <username> SHA-512 <password1> AES <password2>
authUser log,execute,net <username>
Switch: SG350-52 52-Port Gigabit Managed Switch
Firmware: 2.5.7.85 (18-Jan-2021)
I would be grateful for any help!
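Added example (not part of the original post): for SNMPv3 traps the sender is the authoritative engine, so the createUser -e value in snmptrapd.conf has to equal the switch's engine ID and the same user needs an authUser line. The sketch below decodes the engine ID from the post using the RFC 3411 layout and cross-checks the posted snmptrapd.conf; the function names are hypothetical and the data is copied from the post.

```python
# Added example: values below are copied from the post; <username> and the
# passwords are the post's own placeholders.
SWITCH_ENGINE_ID = "80000009034ca64dc77ce5"
SNMPTRAPD_CONF = """\
traphandle .1.3.6.1.4.1.9.6.1.101.0.170 /etc/snmp/handler.py
createUser -e 0x80000009034ca64dc77ce5 <username> SHA-512 <password1> AES <password2>
authUser log,execute,net <username>
"""

def norm(hex_id):
    """Lower-case hex without the optional 0x prefix."""
    h = hex_id.lower()
    return h[2:] if h.startswith("0x") else h

def decode_engine_id(hex_id):
    """Decode the RFC 3411 SnmpEngineID layout."""
    raw = bytes.fromhex(norm(hex_id))
    if not 5 <= len(raw) <= 32:
        raise ValueError("engine ID must be 5 to 32 octets")
    head = int.from_bytes(raw[:4], "big")
    info = {"rfc3411": bool(head >> 31), "enterprise": head & 0x7FFFFFFF}
    if info["rfc3411"]:
        info["format"] = raw[4]
        if raw[4] == 3 and len(raw) == 11:  # format 3: MAC address
            info["mac"] = ":".join(f"{b:02x}" for b in raw[5:])
    return info

def check_conf(conf, sender_engine_id):
    """List mismatches between snmptrapd.conf and the trap sender."""
    want, created, authorised, problems = norm(sender_engine_id), {}, set(), []
    for line in conf.splitlines():
        tok = line.split()
        if len(tok) >= 4 and tok[0] == "createUser" and tok[1] == "-e":
            created[tok[3]] = norm(tok[2])
        elif len(tok) >= 2 and tok[0] == "createUser":
            created[tok[1]] = None  # no -e given
        elif len(tok) >= 3 and tok[0] == "authUser":
            # authUser TYPES [-s MODEL] USER [LEVEL ...]
            authorised.add(tok[4] if tok[2] == "-s" and len(tok) >= 5 else tok[2])
    for user, eid in created.items():
        if eid != want:
            problems.append(f"{user}: createUser engine ID {eid} != sender {want}")
        if user not in authorised:
            problems.append(f"{user}: no authUser line")
    return problems

if __name__ == "__main__":
    print(decode_engine_id(SWITCH_ENGINE_ID))
    print(check_conf(SNMPTRAPD_CONF, SWITCH_ENGINE_ID) or "config matches sender")
```

On the posted values the engine ID decodes to enterprise 9 (Cisco) with a MAC-address payload, and the check reports no mismatch between the two sides.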