I am attempting to transition from snmp v2 to v3, but it’s just not working. I’ve attempted several different Cisco switch models (3850, 6800, 2960x, etc). When I make the change in LibreNMS, I get an error saying it can’t contact the switch and reverts back to snmp v2. When I run debug for snmp on the switch, it never sees the request. I can see the successful v2 snmp requests and return traffic in the switch debug logs, but not anything v3. So it doesn’t even look like an authentication problem. It seems the traffic is not even getting from the server to the switch. Is there a way to debug the snmp requests from the LibreNMS side?
As frequently happens after finally asking for help, I made progress. I took a methodical approach, started with noauth and nopriv and it worked fine. Added auth (still no priv) and that’s when it broke. It seems SHA hash algorithm does not work, but MD5 does. Continuing on to adding priv, everything still works even using AES or DES.
So I would assume the SHA issue would be with the server. Would this be LibreNMS or Ubuntu? I’m not a Linux guy, so any suggestions on fixing this would be appreciated.
Hi,
can you check with snmpwalk ?
snmpwalk -v 3 -u <username> -a <MD5|SHA> -A <authenticationPass> -x <DES|AES> -X <private Pass> -l authPriv <hostname or ip>
Thanks! The feedback from that helped me figure out the issue.