I've created snmp v3 settings for my Adtran 3200 router, running aos 15.02. I'm using my network monitoring tool that supports both sha and md5.
I cannot get it to authenticate using sha authentication? Any help appreciated.
Thank you for replying with the requested information. I do not see a community string in the portion of the configuration you sent, and the output shows "Bad community names." I suggest you configure a community name on the ADTRAN that matches the server. Below is information from the SNMP guide, about the SNMP community string:
Step 4: Enable Read-Only and Read-Write SNMP Access
An SNMP community string is similar to an authentication password between the NMS and SNMP agent device. The community strings can be used to restrict users access to the SNMP MIB information. Specify a community string or password to control access to the SNMP information. By default, there are no SNMP communities configured. Use one or more of the following variations of the snmp-server community command to configure SNMP communities:
(config)# snmp-server community <community>
(config)# snmp-server community <community> ro
(config)# snmp-server community <community> rw
Levi
Thank you for asking this question in the support community. If it is possible, could you reply with a copy of the ADTRAN's configuration (please, remember to remove any information that may be sensitive to the organization), as well as the following SNMP output?
show snmp
debug snmp packet
Also, here is the Configuring SNMP in AOS guide for reference. Please, do not hesitate to provide additional information or ask any questions. I will be happy to help in any way I can.
Levi
Hello Levi,
Here's the commands issued:
snmp-server group OrionNCM v3 priv read ReadView write WriteView
snmp-server view ReadView iso included
snmp-server view WriteView iso included
snmp-server user orionncm OrionNCM v3 auth sha <Password> priv des <Password>
snmp-server host 10.x.y.z informs version 3 priv orionncm
RTR-02#sh snmp
Chassis: RTR-0002
Contact Name: email@corp.com
Contact Phone:
Contact Email:
Contact Pager:
Management URL:
Management URL Label:
493239 Rx SNMP packets
2248 Bad community names
0 Bad community uses
0 Bad versions
0 Silent drops
0 Proxy drops
2284 ASN parse errors
debug snmp packet
SNMP V3 RX: REPORT PDU from 10.26.171.25:49875 (community=)
SNMP V3 TX: REPORT PDU to 10.26.171.25:49875 (community=)
Thank you for replying with the requested information. I do not see a community string in the portion of the configuration you sent, and the output shows "Bad community names." I suggest you configure a community name on the ADTRAN that matches the server. Below is information from the SNMP guide, about the SNMP community string:
Step 4: Enable Read-Only and Read-Write SNMP Access
An SNMP community string is similar to an authentication password between the NMS and SNMP agent device. The community strings can be used to restrict users access to the SNMP MIB information. Specify a community string or password to control access to the SNMP information. By default, there are no SNMP communities configured. Use one or more of the following variations of the snmp-server community command to configure SNMP communities:
(config)# snmp-server community <community>
(config)# snmp-server community <community> ro
(config)# snmp-server community <community> rw
Levi
Thank you Levi,
Can I use snmp v3 without the community string? How can I configure it?
You will not need to have a community name for SNMP version 3. Please, review the commands I displayed in my previous post, or the Configuring SNMP in AOS guide I sent previously about how to configure SNMP community names.
Let me know what other questions you have.
Levi
Great! I've got it working!
I went ahead and flagged this post as “Assumed Answered.” If any of the responses on this thread assisted you, please mark them as either Correct or Helpful answers with the applicable buttons. This will make them visible and help other members of the community find solutions more easily. If you still need assistance, I would be more than happy to continue working with you on this - just let me know in a reply.
Levi
I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it and select another in its place with the applicable buttons. If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.
Thanks,
Noor