Hi, >> >> The scenario is a user is setup with agent as V3 with authentication and / >> or encryption. >> >> However, if empty passwords as supplied by client, the GET succeeds >> whereas it should fail. True for authentication or encryption passwords.
SNMPv3 does not enforce that a message of a user that supports authentication / encryption must use authentication /encryption. So it is ok to accept a noAuthNoPriv message of a user that was created with authentication / encryption protocols. If you want to enforce encryption / authentication for a user, you can do this through configuration of the VACM. Regards, Jochen _______________________________________________ SNMP4J mailing list SNMP4J@agentpp.org http://lists.agentpp.org/mailman/listinfo/snmp4j