search

netfishers-onl / Netshot

Network Configuration and Compliance Management
http://www.netfishers.onl/netshot
249 stars 60 forks source link

Autodiscovery issue snmpv3 #298

Closed Rikharms1972 closed 8 months ago

Rikharms1972 commented 8 months ago

I have an issue with auto discovery of certain Nokia routers. I have two sets of Device Credentials:

Issue happens on a router with snmpv2 only configured:

is it possible to move to the next snmp set when this error occurs?

SCadilhac commented 8 months ago

For any issue you open please include Netshot version, logs, etc. I cannot reproduce this issue, my version seems to properly try SNMPv3 credential set then SNMPv2 until one works.

Rikharms1972 commented 8 months ago

Version: 0.18.2 What I see with a SNMPv2 device: [TRACE] Trying SNMPv2c discovery. [DEBUG] Got sysDesc = 3916 Service Delivery Switch [DEBUG] Got sysObjectID = 1.3.6.1.4.1.6141.1.84

[TRACE] Trying SNMPv3 discovery. [DEBUG] Got sysDesc = 5754 [DEBUG] Got sysObjectID = 5755

Log

2024-04-02 11:04:23,181 WARN [NetshotRunnerScheduler_Worker-7] TaskJob: Running the task 3291520 of type onl.netfishers.netshot.work.tasks.DiscoverDeviceTypeTask 2024-04-02 11:04:24,003 ERROR [NetshotRunnerScheduler_Worker-7] DeviceGroup: Parse error while updating the group 13. 2024-04-02 11:04:24,632 WARN [NetshotRunnerScheduler_Worker-7] TaskJob: End of task 3291520. tcpdump

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes 11:02:11.966703 IP netshot.mnd.b2b.oss.local.53439 > htn-39.snmp: F=r U="" E= C="" GetRequest(11) 11:02:11.970524 IP htn-39.snmp > netshot.mnd.b2b.oss.local.53439: F= U="" E=_80_00_00_09_03_00_00_6c_bc_cb_dc_81 C="" Report(29) S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownEngineIDs.0=774 11:02:12.001261 IP netshot.mnd.b2b.oss.local.53439 > htn-39.snmp: F=apr U="SNMPv3USER" [!scoped PDU]72_e4_1b_49_58_cb_c2_81_34_ce_9c_3b_11_d6_b7_97_e4_4e_c8_e1_f6_56_6b_4e_71_3f_94_95_21_94_b6_ee_ee_72_a2_5a_e0_01_6b_d2_8b_06_b7_4a_b5_8f_10_28 11:02:12.004776 IP htn-39.snmp > netshot.mnd.b2b.oss.local.53439: F= U="SNMPv3USER" E=_80_00_00_09_03_00_00_6c_bc_cb_dc_81 C="" Report(32) S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownUserNames.0=5754 11:02:12.005207 IP netshot.mnd.b2b.oss.local.53439 > htn-39.snmp: F=apr U="SNMPv3USER" [!scoped PDU]95_bc_f2_d3_4d_8c_0c_4c_c0_b1_37_60_fd_ad_c6_62_6b_ab_7d_7b_ea_65_b0_5c_80_93_c1_8d_70_4d_a0_46_a9_2d_db_3e_fc_75_b1_bd_f2_17_f3_aa_f2_ea_32_28 11:02:12.008714 IP htn-39.snmp > netshot.mnd.b2b.oss.local.53439: F= U="SNMPv3USER" E=_80_00_00_09_03_00_00_6c_bc_cb_dc_81 C="" Report(32) S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownUserNames.0=5755 11:02:14.595982 IP netshot.mnd.b2b.oss.local.47879 > htn-39.snmp: F=r U="" E= C="" GetRequest(11) 11:02:14.600104 IP htn-39.snmp > netshot.mnd.b2b.oss.local.47879: F= U="" E=_80_00_00_09_03_00_00_6c_bc_cb_dc_81 C="" Report(29) S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownEngineIDs.0=775 11:02:14.625951 IP netshot.mnd.b2b.oss.local.47879 > htn-39.snmp: F=apr U="SNMPv3USER" [!scoped PDU]fd_65_66_30_ba_ae_21_4d_d9_ea_35_c4_15_0a_de_a9_22_05_d4_e6_81_45_b0_18_03_90_20_48_8d_17_2f_58_dc_7e_54_33_98_60_61_38_d9_2d_a0_fc_15_3c_84_ae 11:02:14.629851 IP htn-39.snmp > netshot.mnd.b2b.oss.local.47879: F= U="SNMPv3USER" E=_80_00_00_09_03_00_00_6c_bc_cb_dc_81 C="" Report(32) S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownUserNames.0=5756 11:02:14.634760 IP netshot.mnd.b2b.oss.local.47879 > htn-39.snmp: F=apr U="SNMPv3USER" [!scoped PDU]71_dd_b5_15_0e_11_1c_52_dc_fd_1e_dc_b7_7f_7e_92_9e_ed_8e_0f_a2_a8_59_0a_4a_4b_b1_12_b6_35_ec_0e_e5_36_f0_9b_92_7c_23_c4_09_74_42_00_e3_65_9e_69 11:02:14.638825 IP htn-39.snmp > netshot.mnd.b2b.oss.local.47879: F= U="SNMPv3USER" E=_80_00_00_09_03_00_00_6c_bc_cb_dc_81 C="" Report(32) S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownUserNames.0=5757 11:02:14.639574 IP netshot.mnd.b2b.oss.local.47879 > htn-39.snmp: F=apr U="SNMPv3USER" [!scoped PDU]84_90_82_53_c9_4f_2c_6a_2b_e8_2f_99_d4_ae_1f_97_51_66_43_5f_83_7c_61_1e_7c_5a_ec_19_cd_95_57_c9_e9_bb_1a_1e_0f_0a_e6_4f_76_ef_62_f9_80_1d_56_89 11:02:14.643675 IP htn-39.snmp > netshot.mnd.b2b.oss.local.47879: F= U="SNMPv3USER" E=_80_00_00_09_03_00_00_6c_bc_cb_dc_81 C="" Report(32) S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownUserNames.0=5758 11:02:14.644075 IP netshot.mnd.b2b.oss.local.47879 > htn-39.snmp: F=apr U="SNMPv3USER" [!scoped PDU]26_8f_9e_52_b7_10_d5_90_c1_a8_93_b5_f3_91_6e_c9_8b_aa_d8_0e_e0_85_10_02_85_e3_6a_ac_f6_a3_11_5b_5d_13_f7_93_63_d0_33_29_d7_73_5b_43_f7_8c_92_79 11:02:14.647927 IP htn-39.snmp > netshot.mnd.b2b.oss.local.47879: F= U="SNMPv3USER" E=_80_00_00_09_03_00_00_6c_bc_cb_dc_81 C="" Report(32) S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownUserNames.0=5759 11:02:14.648271 IP netshot.mnd.b2b.oss.local.47879 > htn-39.snmp: F=apr U="SNMPv3USER" [!scoped PDU]47_0f_32_78_02_49_aa_f8_94_bc_d5_32_72_ed_14_2b_55_d9_21_f5_38_63_b6_64_63_2b_da_8e_4f_83_b5_3a_e9_8b_46_2a_e6_a4_b9_dd_b8_a6_47_09_f5_18_c0_fe 11:02:14.652408 IP htn-39.snmp > netshot.mnd.b2b.oss.local.47879: F= U="SNMPv3USER" E=_80_00_00_09_03_00_00_6c_bc_cb_dc_81 C="" Report(32) S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownUserNames.0=5760 11:02:14.652858 IP netshot.mnd.b2b.oss.local.47879 > htn-39.snmp: F=apr U="SNMPv3USER" [!scoped PDU]7f_84_5d_00_4d_a5_1d_d3_19_32_20_3e_b1_b3_99_f1_2b_1f_4c_b1_07_fe_01_66_6f_69_46_d1_2a_2a_16_5d_c2_9a_02_3b_3a_82_46_b5_33_e1_e8_0c_04_65_c6_d8 11:02:14.656727 IP htn-39.snmp > netshot.mnd.b2b.oss.local.47879: F= U="SNMPv3USER" E=_80_00_00_09_03_00_00_6c_bc_cb_dc_81 C="" Report(32) S:snmpUsmMIB.usmMIBObjects.usmStats.usmStatsUnknownUserNames.0=5761

Snmpwalk snmpwalk -v3 -l authPriv -u ZiggoSecurity -a SHA -A ^gn#29RvRc46 -x AES -X ^gn#29RvRc47 192.168.144.79 snmpwalk: Unknown user name

It looks like the entry in the generic driver accepts this response:

function snmpAutoDiscover(sysObjectID, sysDesc) { // Accept any device which replied to SNMP polls. return true; }

I was able to fix by setting it to False, disabling basically generic_snmp. Now it finds the device on SNMPv2 or it just fails..

SCadilhac commented 8 months ago

Please upgrade to the latest version before opening issue, it is likely your problem is already fixed.