Hello Pushpa,
Which persistent file are you looking for ? Only place I have snmp v3
configurations on the server are snmptrap.conf
createUser -e 0x80001F8804303039343031303131313331 econv3_admin SHA test12345
AES test12345
createUser -e 0x80001F8804303039343031303131313334 econv3_admin SHA test12345
AES test12345
authuser log econv3_admin
The remote device we are currently testing as an agent is a cluster of
firewalls. This is requires the username is the same. It is configured once
for the config, then utilized on both devices within the cluster. You cannot
set unique usernames for the cluster unfortunately.
Thanks much,
Brian
From: Pushpa Thimmaiah
<pushpa.thimma...@gmail.com<mailto:pushpa.thimma...@gmail.com>>
Date: Monday, March 7, 2016 at 4:19 AM
To: Brian Fernald <bfern...@econtinuity.net<mailto:bfern...@econtinuity.net>>
Cc:
"net-snmp-users@lists.sourceforge.net<mailto:net-snmp-users@lists.sourceforge.net>"
<net-snmp-users@lists.sourceforge.net<mailto:net-snmp-users@lists.sourceforge.net>>
Subject: Re: snmptrapd snmp v3 fails on long engine id
Hi Brian,
Can you paste usmUser entries for that configuration . Its available in snmp
persistent file.
Its better to use different usernames
Thanks,
Pushpa.T
On Sat, Mar 5, 2016 at 3:58 AM, Brian Fernald
<bfern...@econtinuity.net<mailto:bfern...@econtinuity.net>> wrote:
Hello All -
I am pulling hairs on this one.
I have a network device that generates EngineIDs such as this one :
80001F8804303039343031303131313331
My snmptrapd.conf has:
createUser -e 0x80001F8804303039343031303131313331 econv3_admin SHA test12345
AES test12345
authuser log econv3_admin
Restarting snmptrapd results in :
No log handling enabled - turning on stderr logging
registered debug token snmptrapd, 1
registered debug token usm, 1
registered debug token usmUser, 1
snmptrapd: Freeing trap handler lists
usmUser: created a new user econv3_admin at 80 00 1F 88 04 30 30 39 34 30 31 30
31 31 31 33
31
This works fine and log shows the following along with the trap details:
usm: USM processing begun...
usm: match on user econv3_admin
usm: Verification succeeded.
usm: USM processing completed.
I then add a second device, so now the snmptrapd.conf looks like
createUser -e 0x80001F8804303039343031303131313331 econv3_admin SHA test12345
AES test12345
createUser -e 0x80001F8804303039343031303131313334 econv3_admin SHA test12345
AES test12345
authuser log econv3_admin
Restarting snmptrapd results in :
No log handling enabled - turning on stderr logging
registered debug token snmptrapd, 1
registered debug token usm, 1
registered debug token usmUser, 1
snmptrapd: Freeing trap handler lists
usmUser: created a new user econv3_admin at 80 00 1F 88 04 30 30 39 34 30 31 30
31 31 31 33
31
usmUser: created a new user econv3_admin at 80 00 1F 88 04 30 30 39 34 30 31 30
31 31 31 33
34
This time , the logs show the following, AND is also followed by the trap
details.
usm: USM processing begun...
usm: match on user econv3_admin
########### > usm: no match on engineID (80 00 1F 88 04 30 30 39 34 30 31
30 31 31 31 33 34 )
usm: match on user econv3_admin
usm: Verification succeeded.
usm: USM processing completed.
Why is it reporting usm: no match on engineID (80 00 1F 88 04 30 30 39 34 30
31 30 31 31 31 33
34 ) and yet seemingly working (it logs the trap) ?
To test what was going on, I replaced the engineID with the identical ID,
minus the last 34 at the end. Restarted snmptrapd. It worked fine without
the Match error. I then re-added the 34, restarted snmptrapd and it reports
the no match error again.
Can anyone explain to me what is going on and if it is or is not working ?
Thanks much !
Brian
------------------------------------------------------------------------------
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net<mailto:Net-snmp-users@lists.sourceforge.net>
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://makebettercode.com/inteldaal-eval
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
