Mike Smith
2017-03-15 20:49:14 UTC
Question:
We have a device using net-snmp v5.7.2 in an SNMPv3 application. There is an internal user name, "internalUser", that is not defined by 'createUser', but does have an 'rouser internalUser' phrase, and a 'iquerySecName internalUser' phrase, both in the snmpd.conf configuration file.
The monitor queries work as expected, providing traps when expected; in other words, this works! (at least so far as I can tell). Other actual users are defined for USM, ant they appear in both the USM tables and the VACM tables. Similarly, 'internalUser' appears in the VACM table, but not in the USM table, which is what we'd prefer.
The actual question is, is this behavior an anomaly, or is it intended?
So, if the snmpd.conf contains 'iquerySecName internalUser', does 'internalUser' need to be created as a USM user as well ('createUser internalUser')?
We have a device using net-snmp v5.7.2 in an SNMPv3 application. There is an internal user name, "internalUser", that is not defined by 'createUser', but does have an 'rouser internalUser' phrase, and a 'iquerySecName internalUser' phrase, both in the snmpd.conf configuration file.
The monitor queries work as expected, providing traps when expected; in other words, this works! (at least so far as I can tell). Other actual users are defined for USM, ant they appear in both the USM tables and the VACM tables. Similarly, 'internalUser' appears in the VACM table, but not in the USM table, which is what we'd prefer.
The actual question is, is this behavior an anomaly, or is it intended?
So, if the snmpd.conf contains 'iquerySecName internalUser', does 'internalUser' need to be created as a USM user as well ('createUser internalUser')?