I think you are getting the Local User and the Remote User confused or what is local and what is remote.
snmpwalk takes a 'local' user. That local user must be defined at the receiver of the get. IOW, the hardware you are querying. This local user needs to be tied to the engine ID of the hardware. The inform user is a 'remote' user to the generator of the inform message, ie, the hardware. That user is created on the hardware with the remote engine ID. You seem to have that correct: On hardware: *createUser -e <engine id of hardware> james md5 myAuthpass AES128 myPrivpass // Local to the hardware* * createUser -e <engine id of management system> james md5 myAuthpass AES128 myPrivpass // Remote to the hardware * *On Management system* * createUser -e <engine id of management system> james md5 myAuthpass AES128 myPrivpass // Local to management system, receiver of inform messages* *Then snmpwalk command syntax is the same, I believe the 2 entities will negotiate/find/agree on the user/engine id if not specified.* *Or you could be more specific and add the engine id to the command. * * snmpwalk -v3 -e <engine id of the hardware> -u james -l authPriv -a md5 -A myAuthpass -x AES128 -X myPrivpass 10.X.X.X ifIndex* *I hope I explained this correctly, it took me a while to get the Local and Remote User straight in my head. It all depends on who is the authoritative engine.* *For Informs it is the Receiver (management system)* *For Traps it is the Generator of the trap* *For GETs it is the Target of the get* On Wed, Nov 18, 2020 at 9:13 AM Saleem <salimmalik...@gmail.com> wrote: > Hi everyone, > > I am using net-snmp version 5.8 on a custom Linux machine. > > I have created a v3 user and enabled traps and traps are received in the > other end successfully. > Then I update the remote engine-id in trapsess directive for informs. > > My trapsess line in /etc/snmp/snmpd.conf > *trapsess -Ci -e 80001F888007CDFD01C704B55F -v 3 -u james -l authNoPriv > 10.X.X.X* > > Corresponding snmptrapd.conf file configuration > > > *createUser -e 0x80001f880324e9b3928abe james md5 myAuthpass AES128 > myPrivpassauthuser log james* > > > I am getting the inform messages on the management side (receiver). > But snmpwalk is failing when trying with the localhost with below error > > > *shell# snmpwalk -v3 -u james -l authPriv -a md5 -A myAuthpass -x AES128 > -X myPrivpass 10.X.X.X ifIndex snmpwalk: Unknown user name (Sub-id > not found: (top) -> ifIndex)* > > Getting the below debugs saying 'no match on engineID' > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > * usm: USM processing begun... usm: Unknown Engine ID. usm: USM > processing has begun (offset 50) usm: getting user usm: USM processing > completed. usm: USM processing begun... usm: match on user james usm: > no match on engineID ( 80 00 1F 88 03 00 50 56 81 E8 16 ) usm: Unknown > User(james) usm: USM processing has begun (offset 47) usm: getting user > james usm: match on user james usm: no match on engineID ( 80 00 1F 88 > 03 00 50 56 81 E8 16 ) usm: USM processing completed.* > > It seems it is trying to match the engineID of the localhost with the > remote engineID and fails. > What am I missing here ? > > Your help is much appreciated. > > Regards, > Salim Malik > > _______________________________________________ > Net-snmp-users mailing list > Net-snmp-users@lists.sourceforge.net > Please see the following page to unsubscribe or change other options: > https://lists.sourceforge.net/lists/listinfo/net-snmp-users >
_______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
