You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have implemented a monitoring tool which receives (SNMP) information from our networkswitches about their activity.
On both sides we have configured the use of SNMP V3 with authentication.
This has worked for years without any significant problems. But recently, after updating our switches, they start to send SNMP-messages which don't seem to be conforming RFC3411. Besides this being a problem in itself, we noticed that the automatically generated report messages returned by our monitoring tool did not contain any authentication data. The authentication and privacy parameters are missing, which in turn ensures that the switches do not accept these incoming report messages.
We would have expected the report messages to use the same authentication as defined in the SNMPEngine initialisation.
Below is our current, partly simplified, implementation of the SNMP Engine:
var users = new UserRegistry();
AESPrivacyProvider = new AESPrivacyProvider(new OctetString("AuthPrivacyPhrase"), new SHA1AuthenticationProvider(new OctetString("AuthSHAPhrase")));
users.Add(new OctetString("username"), AESPrivacyProvider);
TrapV2MessageHandler TrapV2Handler = new TrapV2MessageHandler();
TrapV2Handler.MessageReceived += TrapV2Handler_MessageReceived;
HandlerMapping v3Mapping = new HandlerMapping("v3", "TRAPV2", TrapV2Handler);
var v3 = new Version3MembershipProvider();
var membership = new ComposedMembershipProvider(new IMembershipProvider[] { v3 });
var handlerFactory = new MessageHandlerFactory(new[] { v3Mapping });
var pipelineFactory = new SnmpApplicationFactory(new ObjectStore(), membership, handlerFactory);
engine = new SnmpEngine(pipelineFactory, new Listener { Users = users }, new EngineGroup());
engine.Listener.AddBinding(new IPEndPoint(IPAddress.Any, 162));
engine.Listener.MessageReceived += Listener_MessageReceived;
engine.ExceptionRaised += Engine_ExceptionRaised;
engine.Start();
Below the packets from the report messages with the missing authentication and privacy parameters:
Are we missing something regarding the implementation and behavior of these automatically generated report messages? There seems to be no way to configure these report messages seperately (?)
We would like your help and/or advice.
Thanks in advance
The text was updated successfully, but these errors were encountered:
New issues are marked as low priority by default. Becoming our commercial customers, and then your reports are handled with higher priority after triage.
We have implemented a monitoring tool which receives (SNMP) information from our networkswitches about their activity.
On both sides we have configured the use of SNMP V3 with authentication.
This has worked for years without any significant problems. But recently, after updating our switches, they start to send SNMP-messages which don't seem to be conforming RFC3411. Besides this being a problem in itself, we noticed that the automatically generated report messages returned by our monitoring tool did not contain any authentication data. The authentication and privacy parameters are missing, which in turn ensures that the switches do not accept these incoming report messages.
We would have expected the report messages to use the same authentication as defined in the SNMPEngine initialisation.
Below is our current, partly simplified, implementation of the SNMP Engine:
Below the packets from the report messages with the missing authentication and privacy parameters:
Are we missing something regarding the implementation and behavior of these automatically generated report messages? There seems to be no way to configure these report messages seperately (?)
We would like your help and/or advice.
Thanks in advance
The text was updated successfully, but these errors were encountered: