Hi,
I dont see any dump on host3 when I run "snmpd -f -L -d". This means the
request is not flowing to host3 and host2 is not proxying the request.
The access control setup on host2 is as follows.
# sec.name source community
com2sec myuser default public
####
# Second, map the security name into a group name:
# groupName securityModel securityName
group myusergroup usm myuser
####
# Third, create a view for us to let the group have rights to:
# name incl/excl subtree mask(optional)
view myuserview included .1
####
# Finally, grant the group read-only access to the systemview view.
# group context sec.model sec.level prefix read write notif
access myusergroup "" any noauth exact myuserview none
none
###############################################################################
#Proxy
proxy -Cn myContext -v 2c -c v2community host3 .1
###############################################################################
rwuser myuser
---------------------snmpd.conf ends--------------------
Is any additional configuration need to be done here??
Thanks & Regards,
Ravi R.S
> On Thu, 2005-08-25 at 13:06 +0530, [EMAIL PROTECTED] wrote:
>> For host2 I have "myuser" as the username and "mypassword" as the
>> password.
>
> What is the access control setup on "host2" ?
>
>> For host3 I have a community name configured as "v2community". i.e
>> rocommunity v2community
>> rwcommunity v2community
>
> Nooo!!!!!!
> **WHY** do people insist on duplicating community settings like this.
> If you've got a read-write community setting, you don't need a
> read-only directive with the same community name. read-write access
> *includes* read access. That's what the word "read" means!!!!
>
> [Sorry - but you pushed a button!]
>
>> when I execute a command like
>> snmpget -v 3 -u myuser -n myContext -l authNoPriv -a MD5 -A mypassword
>> host2 system.sysName.0
>>
>> it fails
>
> Which host is rejecting the request?
> Is host2 passing it on to host3 (which then rejects it),
> or does host2 reject it before it ever gets to host3?
>
> If you run the agent on host3 using something like
>
> snmpd -f -Le -d
>
> you should see packet dumps for all traffic in and out.
> This should indicate whether the requests are getting that
> far or not.
>
> Dave
>
---------------------------------------------------------------------
Hi all,
I have 3 hosts named
host1 supporting snmpv3
host2 supporting snmpv3
host3 supporting snmpv2
host2 is used as proxy for host1 and host3
For host2 I have "myuser" as the username and "mypassword" as the password.
For host3 I have a community name configured as "v2community". i.e
rocommunity v2community
rwcommunity v2community
In host2 I have configured the proxy settings as follows.
proxy -Cn myContext -v 2c -c v2community host3 .1.3
host1 tries to talk to host3 through host2 proxy i.e when I execute a
command like
snmpget -v 3 -u myuser -n myContext -l authNoPriv -a MD5 -A mypassword
host2 system.sysName.0
it fails and the output is as follows.
"Error in packet
Reason: authorizationError (access denied to that object)"
What is wrong here?
Is there any command to set my context name?
Thanks in advance.
Regards,
RSR
"SASKEN RATED THE BEST EMPLOYER IN THE COUNTRY by the BUSINESS TODAY Mercer
Survey 2004"
SASKEN BUSINESS DISCLAIMER
This message may contain confidential, proprietary or legally Privileged
information. In case you are not the original intended Recipient of the
message, you must not, directly or indirectly, use, Disclose, distribute,
print, or copy any part of this message and you are requested to delete it and
inform the sender. Any views expressed in this message are those of the
individual sender unless otherwise stated. Nothing contained in this message
shall be construed as an offer or acceptance of any offer by Sasken
Communication Technologies Limited ("Sasken") unless sent with that express
intent and with due authority of Sasken. Sasken has taken enough precautions to
prevent the spread of viruses. However the company accepts no liability for any
damage caused by any virus transmitted by this email
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
