Discussion:
getsnmp and snmpsim with v3
(too old to reply)
Santiago, Laura
2016-03-16 12:15:01 UTC
Permalink
Hi,

I am trying to do a simulation of snmp v3 (with v2c everything is working fine)

For that I am using:

- snmp simulator (http://snmpsim.sourceforge.net/)

- Net-snmp tools (https://sourceforge.net/projects/net-snmp/files/net-snmp%20binaries/5.7-binaries/net-snmp-5.7.0-1.x86.exe/download)

(I have installed net-snmp with tic on Encryption support (OpenSSL) )

- OpenSSL 0.9.8r (http://web.tp-srl.it/public/webserver/Win32OpenSSL-0_9_8r.exe)


I am running the simulator with this command (I am using default configuration):
snmpsimd.py --v3-engine-id=010203040505060809 --v3-user=wallace --v3-auth-key=testkey123 --v3-priv-key=testkey839 --agent-udpv4-endpoint=127.0.0.1:1161
and the result is:
--- SNMP Engine configuration
SNMPv3 EngineID: 0x010203040505060809
--- Data directories configuration
SNMPv3 Context Engine ID: 0x010203040505060809
....
--- SNMPv3 USM configuration
SNMPv3 USM SecurityName: wallace
SNMPv3 USM authentication key: testkey123, authentication protocol: MD5
SNMPv3 USM encryption (privacy) key: testkey839, encryption protocol: DES
Maximum number of variable bindings in SNMP response: 64
--- Transport configuration
Listening at UDP/IPv4 endpoint 127.0.0.1:1161, transport ID 1.3.6.1.6.1.1.0

and now I run snmpget like following line
snmpget -v3 -a MD5 -A testkey123 -e 010203040505060809 -c public -u wallace -x DES -X testkey839 localhost:1161 1.3.6.1.2.1.1.3.0

and the result is
snmpget: Unsupported security level

I have looked about information with this problem but I did't find what is happening.

Hope this helps.

Laura
Ilya Etingof
2016-03-16 20:17:49 UTC
Permalink
I guess you should specify "-l authPriv" to the snmpget tool. Other than that, you do not need “-e" (as EngineID could be auto discovered), but you might want adding “-n context-name" to specify contextName (snmpsim reports available contextNames on startup).

That is:

$ snmpget -v3 -a MD5 -A testkey123 -u wallace -x DES -X testkey839 -l authPriv -n variation/virtualtable localhost:1161 IF-MIB::ifPhysAddress.1
Post by Santiago, Laura
Hi,
I am trying to do a simulation of snmp v3 (with v2c everything is working fine)
- snmp simulator (http://snmpsim.sourceforge.net/)
- Net-snmp tools (https://sourceforge.net/projects/net-snmp/files/net-snmp%20binaries/5.7-binaries/net-snmp-5.7.0-1.x86.exe/download)
(I have installed net-snmp with tic on Encryption support (OpenSSL) )
- OpenSSL 0.9.8r (http://web.tp-srl.it/public/webserver/Win32OpenSSL-0_9_8r.exe)
snmpsimd.py --v3-engine-id=010203040505060809 --v3-user=wallace --v3-auth-key=testkey123 --v3-priv-key=testkey839 --agent-udpv4-endpoint=127.0.0.1:1161
--- SNMP Engine configuration
SNMPv3 EngineID: 0x010203040505060809
--- Data directories configuration
SNMPv3 Context Engine ID: 0x010203040505060809
....
--- SNMPv3 USM configuration
SNMPv3 USM SecurityName: wallace
SNMPv3 USM authentication key: testkey123, authentication protocol: MD5
SNMPv3 USM encryption (privacy) key: testkey839, encryption protocol: DES
Maximum number of variable bindings in SNMP response: 64
--- Transport configuration
Listening at UDP/IPv4 endpoint 127.0.0.1:1161, transport ID 1.3.6.1.6.1.1.0
and now I run snmpget like following line
snmpget -v3 -a MD5 -A testkey123 -e 010203040505060809 -c public -u wallace -x DES -X testkey839 localhost:1161 1.3.6.1.2.1.1.3.0
and the result is
snmpget: Unsupported security level
I have looked about information with this problem but I did’t find what is happening.
Hope this helps.
Laura
Santiago, Laura
2016-03-17 12:50:41 UTC
Permalink
Thank you very much,

This solved my problem :)

-----Original Message-----
From: Ilya Etingof [mailto:***@glas.net]
Sent: Wednesday, March 16, 2016 9:18 PM
To: Santiago, Laura
Cc: net-snmp-***@lists.sourceforge.net
Subject: Re: getsnmp and snmpsim with v3

I guess you should specify "-l authPriv" to the snmpget tool. Other than that, you do not need “-e" (as EngineID could be auto discovered), but you might want adding “-n context-name" to specify contextName (snmpsim reports available contextNames on startup).

That is:

$ snmpget -v3 -a MD5 -A testkey123 -u wallace -x DES -X testkey839 -l authPriv -n variation/virtualtable localhost:1161 IF-MIB::ifPhysAddress.1
Post by Santiago, Laura
Hi,
I am trying to do a simulation of snmp v3 (with v2c everything is working fine)
- snmp simulator (http://snmpsim.sourceforge.net/)
- Net-snmp tools (https://sourceforge.net/projects/net-snmp/files/net-snmp%20binaries/5.7-binaries/net-snmp-5.7.0-1.x86.exe/download)
(I have installed net-snmp with tic on Encryption support (OpenSSL) )
- OpenSSL 0.9.8r (http://web.tp-srl.it/public/webserver/Win32OpenSSL-0_9_8r.exe)
snmpsimd.py --v3-engine-id=010203040505060809 --v3-user=wallace --v3-auth-key=testkey123 --v3-priv-key=testkey839 --agent-udpv4-endpoint=127.0.0.1:1161
--- SNMP Engine configuration
SNMPv3 EngineID: 0x010203040505060809
--- Data directories configuration
SNMPv3 Context Engine ID: 0x010203040505060809
....
--- SNMPv3 USM configuration
SNMPv3 USM SecurityName: wallace
SNMPv3 USM authentication key: testkey123, authentication protocol: MD5
SNMPv3 USM encryption (privacy) key: testkey839, encryption protocol: DES
Maximum number of variable bindings in SNMP response: 64
--- Transport configuration
Listening at UDP/IPv4 endpoint 127.0.0.1:1161, transport ID 1.3.6.1.6.1.1.0
and now I run snmpget like following line
snmpget -v3 -a MD5 -A testkey123 -e 010203040505060809 -c public -u wallace -x DES -X testkey839 localhost:1161 1.3.6.1.2.1.1.3.0
and the result is
snmpget: Unsupported security level
I have looked about information with this problem but I did’t find what is happening.
Hope this helps.
Laura
Loading...