I started snmp with a config file that allows both v1/v2 community connection and v3 users connection (see full config file at bottom), it worked perfectly. I only have one problem. Whenever I do snmpset with -v 2c option (when it is allowed) - I get a respond (UCD-SNMP-MIB::versionUpdateConfig.0 = INTEGER: 1) Whenever I do snmpset with -v 3 option (snmpset -v 3 -l authPriv -u admin -a MD5 -A ????? -x DES -X ???? 127.0.0.1 UCD-SNMP-MIB::versionUpdateConfig.0 i 1) - I get "Timeout: No Response from 127.0.0.1", although action is performed and changes are made in snmp configuration Why is that?
And last question: My original target was to hold a parameter that will allow user to choose if he wants to work in "v1/v2" mode or "v3" mode (there are more ways to access the product and he can config it not necessary through the snmp itself). If he chooses to work with "v3", I need to edit the config file and then set the "UCD-SNMP-MIB::versionUpdateConfig" field to "1". This is done using C code that is in the SW package on the product. Is the set action can only happen using the "snmpset" application? (which I am implemented as a system call) --------------------- ORIGINAL CONFIG FILE ------------------ rocommunity public 0.0.0.0 rwcommunity private 0.0.0.0 com2sec publicSec default public com2sec privateSec default private group publicGroup v1 publicSec group publicGroup v2c publicSec group privateGroup v1 privateSec group privateGroup v2c privateSec group adminGroup usm admin group operatorGroup usm oper group userGroup usm user view adminView included .1 view operatorView included .1 view userView included .1 access publicGroup "" any noauth exact userView none none access privateGroup "" any noauth exact debugView debugView none access adminGroup "" usm priv exact adminView adminView adminView access operatorGroup "" usm priv exact operatorView operatorView operatorView access userGroup "" usm priv exact userView none none -----Original Message----- From: dave.shi...@googlemail.com [mailto:dave.shi...@googlemail.com] On Behalf Of Dave Shield Sent: Wednesday, March 09, 2011 2:20 PM To: Naama Bar Menachem Cc: net-snmp-users@lists.sourceforge.net Subject: Re: How to prevent net-snmp from working in v1/v2 (only v3) On 9 March 2011 12:13, Naama Bar Menachem <naama.barmenac...@novelsat.com> wrote: > Is there a way of preventing snmp from working in v1/v2 and only respond to v3? If you don't configure any valid community strings, then the agent will ignore any SNMPv1 or SNMPv2c requests. If you are compiling from source, you could run configure --disable-snmpv1 --disable-snmpv2c .... and this will omit the community-based code altogether. Dave ------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
