Closed jon-larsen closed 1 year ago
@jon-larsen your cfgmaker syntax fixed my issue! So I can say SNMP v3 with cfgmaker does work. Run system updates and if it still dosn't work after updates, I would try:
snmpwalk -v3 -u snmp3user -A "pwd" -a MD5 -l authnoPriv 127.0.0.1
figured I would also add how to pull the Engine ID:
export MIBS=ALL
snmpwalk -v3 -u snmp3user -A "pwd" -a MD5 -l authnoPriv 127.0.0.1 snmpEngineID
@jon-larsen your cfgmaker syntax fixed my issue! So I can say SNMP v3 with cfgmaker does work. Run system updates and if it still dosn't work after updates, I would try:
snmpwalk -v3 -u snmp3user -A "pwd" -a MD5 -l authnoPriv 127.0.0.1
This is very interesting! Thank you for telling me :)
I still have problems. It's not a problem doing the snmpwalk. I also use SNMPv3 towards the switches in our monitoring system. I have installed mrtg using the official Ubuntu 22.04 docker image as base. It is constantly being updated.
I feel like I'm missing something obvious...
cfgmaker --authprotocol=sha --privprotocol=aes128 --contextengineid=00:00:00:00:00:00:00:00:00:00:00 --snmp-options=:::::3 --enablesnmpv3 --username=snmp --authpassword='authpassword' --privpassword='privpassword' --subdirs=HOSTNAME --ifdesc=descr --show-op-down --global "options[_]: growright,bits" --global "LogFormat: rrdtool" --global "WorkDir: /var/www/html" --global "IconDir: http://mrtg" hostname
--base: SNMP V3 libraries found, SNMP V3 enabled.
--base: Get Device Info on public@hostname:::::3
usage: $sock->socket(DOMAIN, TYPE, PROTOCOL) at /usr/share/perl5/Net/SNMP/Transport/IPv4.pm line 36.
I had to pull the context engine id then remove ':'
snmpwalk -v3 -u snmp3user -A "pwd" -a MD5 -l authnoPriv hostname snmpEngineID
I had to pull the context engine id then remove ':'
snmpwalk -v3 -u snmp3user -A "pwd" -a MD5 -l authnoPriv hostname snmpEngineID
Okay. It doesn't help unfortunately. What OS are you running it at? And what version of mrtg? Could you also send me the cfgmaker command you are using?
I am using a Ubuntu box, but I think the issue is the are multiple ways to create an SNMP user: one with noauthpriv, and the more secure with authpriv. this is what worked for us when we enabled authpriv
AuthPriv:
net-snmp-config --create-snmpv3-user -ro -A "$authvar" -a SHA -X "$privvar" -x AES $uservar export MIBS=ALL snmpwalk -v3 -u $uservar -A "$authvar" -a SHA -l authPriv -x AES -X "$privvar" 127.0.0.1 snmpEngineID
cfgmaker --show-op-down --ifdesc=alias --global "WorkDir: /var/www/mrtg" --output /var/www/mrtg/my.conf --global "Options[_]: growright, bits, avgpeak, unknaszero" --contextengineid=0x$engid --global "EnableSnmpV3: yes" --snmp-options=:::::3 --username=$uservar --authpassword=$authvar --authprotocol=sha --privpassword=$privvar --privprotocol=aes128 127.0.0.1
I am using a Ubuntu box, but I think the issue is the are multiple ways to create an SNMP user: one with noauthpriv, and the more secure with authpriv. this is what worked for us when we enabled authpriv
AuthPriv:
net-snmp-config --create-snmpv3-user -ro -A "$authvar" -a SHA -X "$privvar" -x AES $uservar export MIBS=ALL snmpwalk -v3 -u $uservar -A "$authvar" -a SHA -l authPriv -x AES -X "$privvar" 127.0.0.1 snmpEngineID cfgmaker --show-op-down --ifdesc=alias --global "WorkDir: /var/www/mrtg" --output /var/www/mrtg/my.conf --global "Options[_]: growright, bits, avgpeak, unknaszero" --contextengineid=0x$engid --global "EnableSnmpV3: yes" --snmp-options=:::::3 --username=$uservar --authpassword=$authvar --authprotocol=sha --privpassword=$privvar --privprotocol=aes128 127.0.0.1
Okay. Thanks a lot for your time, but it still is a problem for me :cry: Hope someone with a more understanding of the code can explain the error message I receive.
ok my last try. do you have all the required libraries installed. while we were working on it we found we didnt have all the Perl modules that were quietly required installed.
apt-get install -y snmpd mrtg libsnmp-dev libcrypt-des-perl libdigest-hmac-perl snmp-mibs-downloader snmp libcrypt-rijndael-perl
Thanks, worth a try :) I added the packages that I didn't have, but still the same output:
usage: $sock->socket(DOMAIN, TYPE, PROTOCOL) at /usr/share/perl5/Net/SNMP/Transport/IPv4.pm line 36.
After massive googling I found some post referring to the /etc/protocols
file, which did not exist on my system. So I tried installing random packages until it appeared. The packet in question was liblwp-protocol-https-perl
. So after installing that one, it works! Finally! :D Thanks @sharkbit for leading me to pursue this further :)
I get the following output from cfgmaker:
Using this command:
Versions:
Using Ubuntu 22.04, but replicated with Ubuntu 20.04