[SNMP4J] using aes192/aes256 privacy protocols against Cisco devices
Elad Sarver
elad.xx at gmail.com
Tue Sep 18 21:03:16 CEST 2007
Hi,
There was a draft describing the AES192 and 256. I don't think it was ever
approved (maybe even dropped - does anyone know?)
Anyway, both snmp4j and Cisco IOS implement it, so it should work...
Elad
On 9/18/07, Matthieu Casanova <chocolat.mou at gmail.com> wrote:
>
> Hi, someone stops me if I'm wrong but I think that the RFC3826 (AES
> for USM) speaks only of AES 128, so I suppose that AES192 and 256 are
> bonus we have in snmp4j.
>
> Matthieu
>
> 2007/9/18, Elad Sarver <elad.xx at gmail.com>:
> > Hi,
> >
> > When I use the snmp4j.exe tool (latest version) to query a Cisco 7200
> series
> > device using AES128 encryption, it works.
> > When I try to use the same for AES192 or AES256, the device doesn't
> respond.
> > not even with a Report PDU, which is always sent in other cases.
> > Using Ethereal, I see that an encrypted AES192 PDU was sent to the
> > device and nothing came back.
> >
> > I have the security policy files installed. Before they were installed,
> a
> > different error had occured. So it probably isn't the reason.
> > The device is configured correctly, and traps/informs are being sent
> from it
> > correctly with AES192.
> >
> > 1. What could be the problem?
> > 2. Was the Snmp4J tool tested against Cisco devices using these privacy
> > protocols?
> >
> > thanks,
> > Elad.
> > _______________________________________________
> > SNMP4J mailing list
> > SNMP4J at agentpp.org
> > http://lists.agentpp.org/mailman/listinfo/snmp4j
> >
>
More information about the SNMP4J
mailing list