Search 85,328 posts and 649 resources contributed by 43,099 members or post a topic.

Already Joined? Sign in
SNMPv3

Page 1 of 2 (17 items) 1 2 Next > | RSS

rated by 0 users
Answered (Verified) This post has 2 verified answers | 16 Replies | 7 Followers | 2,780 Views


772 Posts
Points 2,440
Thwack MVP
bleearg13 posted on Thu, May 22 2008 5:55 AM
rated by 0 users

Does anyone have SNMPv3 running with Cirrus?  I'm trying to add my first Cirrus node in that is using v3 and I'm having some trouble.  I have the same exact settings in Cirrus as I do in Orion, but for some reason, Cirrus cannot poll the device.  In Orion (which is on the same server), I have no context configured, but in Cirrus, it seems that I need a context, or I get an authorization failure when attempting to validate the SNMP credentials.  However, with the context in, the SNMP validation passes, but no information is populated, such as the System OID and name.  My SNMPv3 view on the router is configured to allow this particular user (the same user that is configured in Orion) to view the entire 1.3 tree.  Here's my settings in Cirrus:

SNMP Version:  3
Context:  context1
Username:  noc
Auth Type:  SHA1
Auth Password:  <auth_pass>
Encryption Type:  AES128
Encryption Password:  <encryption_pass>

Is there something I'm missing?

  • | Post Points: 10

Answered (Verified) Verified Answers


106 Posts
Points 452
Answered (Verified) jcooler replied on Thu, Sep 3 2009 12:31 PM
rated by 0 users
Verified by AllisonB

PROBLEM RESOLVED!!!

SW Tech Support just sent me an updated cirrusSNMPv7.dll file.

I replaced the old file with the new that they sent me. My snmp v3 devices now work with 30 char md5 and 30 char des 56 passwords.

 

thanks dev guys

NPM 9.5 SP5  NCM, NTA, IPSLA, IPAM,  engineers Toolset      CatTools

  • | Post Points: 23

2,531 Posts
Points 25,214
Moderator
SolarWinds Employee
Answered (Verified) chris.lapoint replied on Mon, Sep 14 2009 4:11 PM
rated by 0 users
Verified by AllisonB

For folks experiencing this issue, please contact support to get this hotfix.

Chris LaPoint, Sr. Product Manager
SolarWinds
Austin, TX

  • | Post Points: 21

All Replies


226 Posts
Points 1,733
SolarWinds Certified Professional
ceclark replied on Thu, May 29 2008 3:43 PM
rated by 0 users

 Looks good to me. The only difference I see from my configs is the encryption type. I'm using DES. What platform is this that it supports AES?

  • | Post Points: 3

772 Posts
Points 2,440
Thwack MVP
bleearg13 replied on Fri, May 30 2008 6:24 AM
rated by 0 users

 Juniper routers.

  • | Post Points: 3

226 Posts
Points 1,733
SolarWinds Certified Professional
ceclark replied on Fri, May 30 2008 11:38 AM
rated by 0 users

I wish I had one! I guess I'm not too much help anymore, sorry.

 

  • | Post Points: 1

2 Posts
Points 6
Answered (Not Verified) kkunzler replied on Mon, Jun 15 2009 3:51 PM
rated by 0 users
Suggested by kkunzler

I have Cirrusv5 running SNMPv3 with my Cisco gear.  It appears from my testing that SHA-1 is NOT supported by solarwinds, but rather the older (archaic and mostly unused) original SHA algorithm.   Of course it could be my Cisco gear is the wrong version, but anyhow they refuse to talk to each other useing SHA.  I can get my Cisco gear to to use md5 for auth and aes for encryption, but have never been able to use sha for authentication.  Everything else seems correct, here is exactly what I have today:

SNMP Version:  3
Context:  <blank>
Username:  solarwinds
Auth Type:  md5
Auth Password:  <auth_pass>
Encryption Type:  AES128
Encryption Password:  <encryption_pass>

This is a call-out to Solarwinds to support proper SHA-1 for authentication of SNMPv3.

  • Post Points: 3

2,531 Posts
Points 25,214
Moderator
SolarWinds Employee
chris.lapoint replied on Tue, Jun 16 2009 10:31 AM
rated by 0 users

For folks experiencing this issue, how long is your password?

Chris LaPoint, Sr. Product Manager
SolarWinds
Austin, TX

  • | Post Points: 5

772 Posts
Points 2,440
Thwack MVP
bleearg13 replied on Tue, Jun 16 2009 11:38 AM
rated by 0 users

The user password or the privacy password?  My privacy password is 20 characters long and includes symbols.

  • | Post Points: 1

2 Posts
Points 6
kkunzler replied on Tue, Jun 16 2009 12:55 PM
rated by 0 users

I have tested this with 4-5 character all text auth passwords as well as 15 character passwords and am unable to get SHA working against my Cisco gear.  I must redact my call-out to Solarwinds as It seems that I placed the blame on them, in reality, I am unsure whether my Cisco gear is SHA or SHA-1.  It seems that one or the other is sha and the other sha-1 possibly causing the issue for me, I can't speak for Juniper though.  MD5 works well for auth no matter the size of password.

  • | Post Points: 3

106 Posts
Points 452
jcooler replied on Wed, Aug 12 2009 11:02 AM
rated by 0 users

Please help!

I am attempting to add a few nodes to NCM using snmp v3 but snmp will not validate.

The nodes work perfect in Orion NPM, using the exact same snmpV3 settings/credentials.

I am using the following:

context [blank]

auth type: MD5

auth pass:  [30 chars with several special chars]

encrypt pass: [30 chars with several special chars]

 

Any ideas on why NCM will not authenticate with snmp v3?

NPM 9.5 SP5  NCM, NTA, IPSLA, IPAM,  engineers Toolset      CatTools

  • | Post Points: 3

225 Posts
Points 1,121
SolarWinds Employee
Sham Chauthani replied on Wed, Aug 12 2009 11:11 AM
rated by 0 users

What version of NCM are you using?

Sham Chauthani
Development Manager
SolarWinds

  • | Post Points: 3

106 Posts
Points 452
jcooler replied on Wed, Aug 12 2009 11:23 AM
rated by 0 users

lastest version.  

NCM v5.5.1

NPM 9.5 SP5  NCM, NTA, IPSLA, IPAM,  engineers Toolset      CatTools

  • | Post Points: 1

106 Posts
Points 452
jcooler replied on Wed, Aug 12 2009 12:31 PM
rated by 0 users

I did a wireshark capture to see what the snmp packets look like.

Here is a snippet from a WORKING NPM PACKET:

 

 

 

Here is a snippet from a NON-WORKING NCM PACKET:

 

Notice that the Authentication password and the encryption password is missing.

 

I'm guessing that NCM doesn't like the special characters in the passwords. Unfortunately, I have to have 30 chars and special chars to meet our strict cooperate policy.

 

Thoughts? answers?

Thanks,

Jeremy

 

NPM 9.5 SP5  NCM, NTA, IPSLA, IPAM,  engineers Toolset      CatTools

  • | Post Points: 1

106 Posts
Points 452
jcooler replied on Thu, Aug 13 2009 2:10 PM
rated by 0 users

I have done some further investigation into the SNMP v3 with NCM.

It seems that I can only use up to 15 characters in the MD5 or the DES password.

 

Any patch or other change I can make to get around this?

NPM 9.5 SP5  NCM, NTA, IPSLA, IPAM,  engineers Toolset      CatTools

  • | Post Points: 3

2,531 Posts
Points 25,214
Moderator
SolarWinds Employee
chris.lapoint replied on Thu, Aug 20 2009 11:34 AM
rated by 0 users

jcooler, we've done some additional investigation on the dev side and you are correct.   The issue was more complicated than we thought so our current fix does not resolve this problem.

Can you open a support ticket on this one and include a reference to this thread?    We want to track customers experiencing this issue in case we're able to deliver this as a hotfix.

Chris LaPoint, Sr. Product Manager
SolarWinds
Austin, TX

  • | Post Points: 3

106 Posts
Points 452
jcooler replied on Thu, Aug 20 2009 11:43 AM
rated by 0 users

Thanks for the update Chris.

I have a case open. case #: 111226

 

I have droped the chars in my snmp v3 passwords to 15 for now. But I would still be interested in getting a work around for this.

NPM 9.5 SP5  NCM, NTA, IPSLA, IPAM,  engineers Toolset      CatTools

  • | Post Points: 1
Page 1 of 2 (17 items) 1 2 Next > | RSS

© 2003 - 2010 SolarWinds, Inc. All Rights Reserved.

Who is SolarWinds?

SolarWinds is rewriting the rules for how companies manage their networks. Guided by a global community of network engineers, SolarWinds develops simple and powerful network management software and network monitoring software for networks of all sizes. SolarWinds also offers a network certification program to become a SolarWinds Certified Professional (SCP).

What is thwack?

thwack, SolarWinds online community site, was designed by network engineers, for network engineers. thwack is a vibrant, growing community of more than 30,000 IT pros who share a passion for technology.

Explore Resources, Answers, Templates, and Advice

Download Free Networking Tools

Learn More About SolarWinds Products