Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

SNMP v3 on Cisco catalyst 3750 - Not working

  • 23-03-2010 06:38PM
    #1
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭


    Hi,

    I have set up snmp credentials with snmpv3context but when I try to do an snmpwalk using those credentials I get the error "Authentication failure (Incorrect password, community or key)"

    Here are the commands I used to set up the credentials

    snmp-server view irishrover mib-2 included

    snmp-server group irishrover v3 priv context irishrover read irishrover write irishrover

    snmp-server user irishrover irishrover v3 auth md5 irishrover priv des irishrover



    I know the user/group/password/priv is the same which is bad security practice, but its just a test device and I will beef up security once I have it working.



    Here is the snmpwalk command I used:

    snmpwalk -v3 -u irishrover -A irishrover-l AuthPriv -a md5 -X irishrover-x des -m all 192.168.1.1



    Is there anything else that needs to be set on the catalyst? Have I done something wrong?



    Thanks for your help!


Comments

  • #2
    Dardania
    Registered Users, Registered Users 2 Posts: 3,397 ✭✭✭Dardania


    i've never used snmp at the level you're describing here, so I can't be of much help...but what I noticed from contect helping here on my cisco router - it appears that one can specify an access list at the end of the user command - could this be relevant?

    Also, this may be useful:

    http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html


  • #3
    syklops
    Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Dardania wrote: »
    i've never used snmp at the level you're describing here, so I can't be of much help...but what I noticed from contect helping here on my cisco router - it appears that one can specify an access list at the end of the user command - could this be relevant?

    Also, this may be useful:

    http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html

    Thanks for the reply.

    I found the solution so decided to post up here how I fixed it.

    The error above was due to a typo when creating the password, however after that error I started getting this error:

    Error in packet. Reason: authorizationError (access denied to that object)

    Eventually I found that the group I had created did not have the correct permissions. I found a group that did have the correct permission and so I added my user to that group by doing:

    snmp-server user irishrover new_group v3 auth md5 irishrover priv des irishrover

    I then reran my snmpwalk, and it worked!


Advertisement