[AGENT++] Duplicate Engine IDs?

[Kerrison, Adam]

We are using SNMP++ to do some SNMPv3 scanning and have encountered some devices with duplicate SNMPv3 engine IDs. These are a pair of firewall devices running in a failover mode, so one is an exact duplicate of the other (apart for a management IP address obviously!). Duplicate Engine IDs seem like a very bad thing to me but this seems to be how Cisco set them up ...

When we try to talk to these devices we can successfully query one of them but the queries to the other always fail with a timeout.

The process doing this is long running so I am thinking that maybe something is caching the engine ID? A test using standalone tools like NET-SNMP snmpwalk always works with both devices

Anyone have any clues!?

Thanks

Adam
--
Adam Kerrison