[AGENT++] SNMPV3 Traps in AuthPriv/AuthNoPriv mode
Frank Fock
fock at agentpp.com
Tue Dec 14 18:29:32 CET 2010
Hi,
The "hard-coded" code is an example only.
You have to setup the VACM yourself
according to your needs. That's all.
Best regards,
Frank
On 14.12.2010 18:16, James Espinoza wrote:
> Hello,
>
> I've currently been trying to troubleshoot an issue with sending SNMPv3
> traps at the AuthPriv and AuthNoPriv security levels. Currently I am coming
> across an a "no access" error similar to below :
>
> 20101214.16:42:28: 11067: (7)DEBUG : Vacm: Access requested for: (model)
> (name) (level) (type) (context) (oid): (3), (SHADES), (1), (3), (),
> (1.3.6.1.6.3.1.1.5.1)
> 20101214.16:42:28: 11067: (7)DEBUG : Vacm: getGroupName: (model) (name):
> (3), (SHADES), (1.3.6.1.6.3.16.1.2.1.3.3.6.
> 83.72.65.68.69.83)
> 20101214.16:42:28: 11067: (7)DEBUG : Vacm: getViewName: (group) (context)
> (model) (level) (type): (Test), (), (3), (1), (3)
> 20101214.16:42:28: 11067: (7)DEBUG : Vacm: getViewName: (matched group):
> (Test)
> 20101214.16:42:28: 11067: (2)EVENT : Notification not sent (reason) (addr)
> (params): (no access), ( C6 F3 FC 38 00 00
> ...8..
> ), (192.168.1.1)
>
> I've set up my agent using the examples in agentpp, and can successfully
> send SNMP v1/2c/3 traps in the NoAuthNoPriv using the mib->notify method. I
> also use NotificationOriginator::add_vX_trap_destination to setup the trap
> destination before sending. I think I've narrowed down the reason to the "no
> access" error to the NotificationOriginator::add_v3_trap_destination method.
> It seems this method is hard coded to set the security level to 1(or
> SNMP_SECURITY_LEVEL_NOAUTH_NOPRIV) in the snmpTargetParamsEntry table.
> Specifically :
>
> if (snmpTargetParamsEntry::instance->add_entry(name, // row index
> mpV3, // mpModel
> SNMP_SECURITY_MODEL_USM,
> secName, // secName
> * 1)) { // secLevel<-------------------Hard
> coded secLevel here...*
> snmpNotifyEntry::instance->add_entry(name, // row index
> tag, // tag
> TRAP); // type (trap)
> }
>
> My question is, does agentpp support SNMPv3 trains in AuthPriv and
> AuthNoPriv mode? And is this the reason why I would be getting a "no access"
> error? Is there any reason why this would have been hard coded?
>
> Thanks,
> James Espinoza
> _______________________________________________
> AGENTPP mailing list
> AGENTPP at agentpp.org
> http://lists.agentpp.org/mailman/listinfo/agentpp
--
AGENT++
http://www.agentpp.com
http://www.snmp4j.com
http://www.mibexplorer.com
http://www.mibdesigner.com
More information about the AGENTPP
mailing list