Auto-discovery: How to stop the script fromg using the default snmp communities?

Hello team,

I have about 100 sites, and when I run the auto-discovery with snmp-scan.py, I end up getting ton of devices that I did not want to get into my NMS. I have in the config my own community and my SNMPv3, but it still attempts to try the default community of “public”. Is there a away to make it only use the communities I have in my config file?

Scanned m01591rg008.na.site.com (10.107.35.138) Could not connect to m01591rg008.na.site.com, please check the snmp details and snmp reachability
SNMP v2c: No reply with community public
SNMP v2c: No reply with community MyOwnCommunity
SNMP v3: No reply with credentials clubcorp/authNoPriv
SNMP v1: No reply with community public
SNMP v1: No reply with community MyOwnCommunity

Here is what I’m running:

====================================

Component Version
LibreNMS 1.48-3-g83a53d7
DB Schema 2019_01_16_195644_add_vrf_id_and_bgpLocalAs (131)
PHP 7.2.13
MySQL 5.5.60-MariaDB
RRDTool 1.4.8
SNMP NET-SNMP 5.7.2

====================================

Thanks,
Hosam

Are you sure you dont have public as community in config.php?

Yes. this is all I have:

Auto-discovery for network devces

$config[‘snmp’][‘v3’][0][‘authlevel’] = ‘authNoPriv’;
$config[‘snmp’][‘v3’][0][‘authname’] = ‘snmpv3user’;
$config[‘snmp’][‘v3’][0][‘authpass’] = ‘password’;
$config[‘snmp’][‘v3’][0][‘authalgo’] = ‘MD5’;
$config[‘snmp’][‘community’][] = “TboneT1”;

No v2 configuration at all?

Maybe thats the issue. I think (but not sure) that Libre expects at least one v2

I have added v1 and v2c with no luck, no matter what you do, it still scan the default “public” community and adds tons of unwanted devices to my NMS.

Scanned 91564sw1.company.com (10.178.2.10) Could not connect to 91564sw1.company.com, please check the snmp details and snmp reachability
SNMP v2c: No reply with community public
SNMP v3: No reply with credentials mySNMPv3user/authNoPriv
SNMP v1: No reply with community public

Any help with this issue is appreciated, as I’m unable to scan the rest of my network because then I have to do ton of SQL delete statements.

Thanks,
Hosam

Can you snmpwalk the device from the command line?