Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2428
Views
0
Helpful
6
Replies

configuring snmpv3 to read mac address table

carl_townshend
Spotlight
Spotlight

‎03-31-2021 07:43 AM

Hi All

I need to configure my NMS to read the mac address table of my 9600 switch via snmpv3, there are 100+ vlans on the switch and I want to read all mac addresses from all vlans.

For some reason it is not pulling back any mac addresses, if I use snmpv2 it works fine.

The config I have is below

snmp-server group nacgroup v3 priv read nacread write nacwrite

snmp-server user forescout nacgroup v3 auth sha TEST priv aes 256 TEST
snmp-server view nacread iso included

snmp-server view nacwrite iso included

 

Is this config enough? or do I need to change something?

Cheers

 

 

 

Labels:
0 Helpful
6 Replies 6

marce1000
Hall of Fame
Hall of Fame

‎04-01-2021 12:06 AM

 

         - Check if there is anything in the logs of the switch when this is tried.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

carl.townshend
Level 1
Level 1
In response to marce1000

‎05-11-2021 07:39 AM

Hi 

I am seeing the following

15619404: May 11 15:37:07.660: SNMP: Packet received via UDP from 172.30.64.145 on GigabitEthernet0/0SrParseV3SnmpMessage: No matching Engine ID.
SrParseV3SnmpMessage: Failed.
SrDoSnmp: authentication failure, Unknown Engine ID

15619405: May 11 15:37:07.660: SNMP: Report, reqid 1216423989, errstat 0, erridx 0
internet.6.3.15.1.1.4.0 = 2
15619406: May 11 15:37:07.664: SNMP: Packet sent via UDP to 172.30.64.145
process_mgmt_req_int: UDP packet being de-queued

15619407: May 11 15:37:07.672: SNMP: Packet received via UDP from 172.30.64.145 on GigabitEthernet0/0SrParseV3SnmpMessage: not in lifetime failure
SrParseV3SnmpMessage: Failed.
SrDoSnmp: Packet not in Time Window

0 Helpful

marce1000
Hall of Fame
Hall of Fame
In response to carl.townshend

‎05-11-2021 10:07 AM

 

 - Check if the Resolving-reply from this thread can help :

                       https://community.cisco.com/t5/network-management/snmpv3-authpriv-problem-not-in-time-windows/td-p/1987424

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

carl.townshend
Level 1
Level 1
In response to marce1000

‎05-12-2021 02:07 AM

Hi

What fixed it was moving the priv aes from 256bits to 128bits

Many thanks

0 Helpful

marce1000
Hall of Fame
Hall of Fame
In response to carl.townshend

‎05-12-2021 03:58 AM

 

  - Tx for this info , very informative for the forum.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

prashantthinks
Level 1
Level 1

‎09-11-2022 10:18 AM

IN NMS, while adding just go to permission mode and for MAC discovery try with SNMP and CLI option both.

0 Helpful
Customers Also Viewed These Support Documents