Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

SNMP v3 on Cisco catalyst 3750 - Not working

Options
  • 23-03-2010 6:38pm
    #1
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭


    Hi,

    I have set up snmp credentials with snmpv3context but when I try to do an snmpwalk using those credentials I get the error "Authentication failure (Incorrect password, community or key)"

    Here are the commands I used to set up the credentials

    snmp-server view irishrover mib-2 included

    snmp-server group irishrover v3 priv context irishrover read irishrover write irishrover

    snmp-server user irishrover irishrover v3 auth md5 irishrover priv des irishrover



    I know the user/group/password/priv is the same which is bad security practice, but its just a test device and I will beef up security once I have it working.



    Here is the snmpwalk command I used:

    snmpwalk -v3 -u irishrover -A irishrover-l AuthPriv -a md5 -X irishrover-x des -m all 192.168.1.1



    Is there anything else that needs to be set on the catalyst? Have I done something wrong?



    Thanks for your help!


Comments

  • Options
    #2
    Dardania
    Registered Users Posts: 3,612 ✭✭✭Dardania


    i've never used snmp at the level you're describing here, so I can't be of much help...but what I noticed from contect helping here on my cisco router - it appears that one can specify an access list at the end of the user command - could this be relevant?

    Also, this may be useful:

    http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html


  • Options
    #3
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Dardania wrote: »
    i've never used snmp at the level you're describing here, so I can't be of much help...but what I noticed from contect helping here on my cisco router - it appears that one can specify an access list at the end of the user command - could this be relevant?

    Also, this may be useful:

    http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html

    Thanks for the reply.

    I found the solution so decided to post up here how I fixed it.

    The error above was due to a typo when creating the password, however after that error I started getting this error:

    Error in packet. Reason: authorizationError (access denied to that object)

    Eventually I found that the group I had created did not have the correct permissions. I found a group that did have the correct permission and so I added my user to that group by doing:

    snmp-server user irishrover new_group v3 auth md5 irishrover priv des irishrover

    I then reran my snmpwalk, and it worked!


Advertisement