hi Brain, Thanks a lot for your response.. here is what I tried but that doesnt seems to be working... I tried adding token "engineID <Engine ID>" in snmptrapd.conf and used the same engineID while in createUser directive, even that didnt worked. Is there a different method to get engineID for snmptrapd ??
I want to forward snmp v3 INFORM from VM-1 to VM-2, here is my configuration on VM-1 and VM-2. I'm generating INFORM on VM1, destination being loopback address. I get "usm: Failed to find engine data." and snmptrad always core-dumps. with this topology snmv3 TRAP works without any issues, it's just v3 informs that are creating trouble. Even v2 INFORM works. VM1: root@Ubuntu3323:~# cat /tmp/snmptrapd.conf authCommunity log,net public snmpTrapdAddr udp:162,udp6:162 forward default 2.2.2.2:162 createUser feroz SHA feroz123 DES feroz123 authUser log,net feroz priv root@Ubuntu3323# *Start snmptrapd on VM1* root@Ubuntu3323:# /usr/sbin/snmptrapd -f -C -c /tmp/snmptrapd.conf -Lo -d -Dusm,snmptrapd,sess_async_send & *Generate link-up notification on VM1.* root@Ubuntu3323:# snmpinform -Ci -v 3 -a SHA -A feroz123 -x DES -X feroz123 -l authPriv -u feroz localhost 0 IF-MIB::linkUp * VM2 :* root@Ubuntu3322:# cat /tmp/snmptrapd.conf createUser feroz SHA feroz123 DES feroz123 authUser log feroz priv root@Ubuntu3322:# *Start snmptrapd as follows on VM2* root@Ubuntu3322:~# /usr/sbin/snmptrapd -f -C -c /tmp/snmptrapd.conf -d -Lo -Dusm,snmptrapd On Wed, Jan 6, 2021 at 9:21 PM Atkins, Brian <brian.atk...@netapp.com> wrote: > I don’t have one handy, but keep in mind that the engineID used to encode > the usmUser credentials, for both snmptrapd and the agent, is the one for > snmptrapd itself, not the agent sending the INFORM: > > > > With SNMPv3 informs, the *authoritative engine ID* is the *engine* that > receives the *inform*, unlike SNMPv3 traps, where the agent's *engine ID* > is *authoritative*. > > > > So when you create the usmUser for the SNMP agent, you use the snmptrapd > engineID. Since the usmUser must exist in the agent configuration before > it can send the INFORM, engineID discovery is useless for INFORMs (unlike > queries like GET, GET-NEXT). > > > > Hope this helps, > > Brian > > > > *From:* Feroz <feroz.afs...@gmail.com> > *Sent:* Wednesday, January 6, 2021 10:11 AM > *To:* net-snmp-users@lists.sourceforge.net > *Subject:* snmptrapd for V3 informs > > > > *NetApp Security WARNING*: This is an external email. Do not click links > or open attachments unless you recognize the sender and know the content is > safe. > > > > Anyone tried forwarding V3 informs with snmptrapd? > > Can some one share the snmptrapd.conf file? > > > > -Feroz > -- Regards, Feroz Ahmed
_______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
