help needed on net-snmp's snmptrapd issue

Pushpa Thimmaiah

2017-05-17 09:56:02 UTC

Hi Song Han,

It looks like snmptrapd.conf persistent file doesnot have entry(usm_entry)
for snmpv3 user pasitaes_inform

You can try following steps
1. Stop snmptrapd
2. Remove all usm_entries or usm_entry of pasitaes_inform in persistent
snmptrapd.conf
3. Start snmptrapd
Now snmptrapd write usm_entries of /etc/snmp/snmptrapd.conf into
persistent-snmptrapd.conf

Regards,
Pushpa

Post by Song Song1 Han
Hi all,
currently I am setting up a snmp trap server to do some testing on the
snmp trap sending from our devices..
Snmp trap message can be received with âd option , but it seems snmptrapd
didnât process this message. And I got such errors with âD. is there
anything wrong or missed ? thanks a lot
dumph_recv: ScopedPDU
snmp_parse: Parsed SNMPv3 message (secName:pasitaes_inform,
secLevel:authPriv): USM unknown security name (no such user exists)
sess_process_packet: received message id#1972796632 reqid#0 len 945
sess_process_packet: parse fail
Here are the configuation files below
# Map 'idv90we3rnov90wer' community to the 'ConfigUser'
# Map '209ijvfwer0df92jd' community to the 'AllUser'
# sec.name source community
com2sec ConfigUser default pasitconfig
com2sec AllUser default pasitall
# Map 'ConfigUser' to 'ConfigGroup' for SNMP Version 2c
# Map 'AllUser' to 'AllGroup' for SNMP Version 2c
# sec.model sec.name
group ConfigGroup v2c ConfigUser
group AllGroup v2c AllUser
group ConfigGroup v1 ConfigUser
group AllGroup v1 AllUser
# Define 'SystemView', which includes everything under .1.3.6.1.2.1.1 (or
.1.3.6.1.2.1.25.1)
# Define 'AllView', which includes everything under .1
# incl/excl subtree
view SystemView included .1.3.6.1.2.1.1
view SystemView included .1.3.6.1.2.1.25.1.1
view AllView included .1
# Give 'ConfigGroup' read access to objects in the view 'SystemView'
# Give 'AllGroup' read access to objects in the view 'AllView'
# context model level prefix read
write notify
access ConfigGroup "" any noauth exact SystemView
none none
access AllGroup "" any noauth exact AllView
none none
rouser pasitv3
rouser pasitv3
rouser pasitaes_inform
rouser pasitdes_inform
rouser pasitdes_trap
rouser pasitaes_trap
# Example configuration file for snmptrapd
#
# No traps are handled by default, you must edit this file!
#
# receive SNMPv1 or SNMPv2c notifications for community string pasit
authCommunity log,execute,net pasitaes_inform
authCommunity log,execute,net pasitdes_inform
authCommunity log,execute,net pasitaes_trap
authCommunity log,execute,net pasitdes_trap
authUser log,execute,net pasitaes_inform
authUser log,execute,net pasitdes_inform
authUser log,execute,net pasitaes_trap
authUser log,execute,net pasitdes_trap
authUser log,execute,net pasit noauth
# traphandle SNMPv2-MIB::coldStart /usr/bin/bin/my_great_script cold
#create a SNMPv3 TRAP User
#createUser -e 0x8000000001020304 pasitaes_trap SHA "XXXXXXX" AES " XXXXXXX "
#createUser -e 0x8000000001020304 pasitdes_trap SHA " XXXXXXX " DES " XXXXXXX "
#createUser -e XCC-7X09-1234567890 pasitaes_trap SHA " XXXXXXX " AES " XXXXXXX "
#create a SNMPv3 INFORM User
createUser pasitaes_inform SHA " XXXXXXX " AES " XXXXXXX "
createUser pasitdes_inform SHA " XXXXXXX " DES " XXXXXXX "
Best Regards~
Song Han
------------------------------------------------------------
------------------------------------------------------------
----------------------------
é©æŸ/Song Han
DCG WW PA SIT LTE
Mobile: 86-18910862502
Address: Lenovo HQ West #3, XIBEIWANG EAST ROAD #10, HAIDIAN District,
BEIJING, CHINA, 100085
------------------------------------------------------------
------------------------------------------------------------
----------------------------
------------------------------------------------------------
------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Net-snmp-users mailing list
https://lists.sourceforge.net/lists/listinfo/net-snmp-users