Problem with SNMPv3


Hi guys,

we are using the Extreme Management Center and SNMPV3 to manage our extreme switche.
It is working very fine but i did not undrstand this error message.

sh snmpv3 counters

snmpUnknownSecurityModels : 0
snmpInvalidMessages : 0
snmpUnknownPDUHandlers : 0
usmStatsUnsupportedSecLevels : 0
usmStatsNotInTimeWindows : 0
usmStatsUnknownUserNames : 0
usmStatsUnknownEngineIDs : 265
usmStatsWrongDigests : 0
usmStatsDecryptionErrors : 0

This is my configuration of snmpv3 on my router.

configure snmpv3 add user "Netsight" engine-id 80:00:07:7c:00:04:96:a2:22:a1 authentication md5 auth-encrypted localized-key 23:24:73:2f:34:71:5a:6a:59:38:76:2f:54:4f:65:4c:74:50:66:6e:79:35:33:77:36:72:6b:6
9:48:61:68:35:7a:4a:67:43:78:36:4b:6d:56:38:49:4c:33:50:30:74:6b:42:30:30:67:3d privacy privacy-encrypted localized-key 23:24:33:7a:67:4c:6d:73:78:55:2b:76:52:65:62:68:55:30:52:48:36:59:2b:72:6c:68:51:65:4f:
57:58:51:52:39:52:62:4b:34:42:2f:6c:4e:6d:77:30:55:61:51:36:6a:70:2f:34:3d
configure snmpv3 add group "Netsight" user "Netsight" sec-model usm
configure snmpv3 add access "Netsight" sec-model usm sec-level priv read-view "Netsight" write-view "Netsight" notify-view "Netsight"
configure snmpv3 add mib-view "Netsight" subtree 1.0/80 type included
configure snmpv3 add target-addr "TVNetsight" param "TV1Netsight" ipaddress 172.31.150.150 transport-port 162 tag-list "TVInformTag"
configure snmpv3 add target-params "TV1Netsight" user "Netsight" mp-model snmpv3 sec-model usm sec-level priv
configure snmpv3 add notify "TVInformTag" tag "TVInformTag" type inform
enable snmp access
disable snmp access snmp-v1v2c
enable snmp access snmpv3

I have only 1 questions.
The Netsight engine-id ist the mac from the switch or from the management center?
When the engine id is a mac address, the the Mac address ist to long....

Who can help me...

Thomas

2 replies

Userlevel 6
Engine ID is unique identifier. It is not MAC address, but can be derived from MAC. Engine ID should be the same until reboot of the device/process.

each SNMPv3 component should have unique EngineID. You can configure it on switches what EngineID will be used.

if you use SNMPv3 traps then you need to configure the EngineID of the switch in the XMC.
If you use SNMPv3 inform then you need to know the EngineID of the XMC before you send the inform. many operating systems (including XOS) does check the EngineID of the management before sending the inform.

I guess the counter is showing how many times the EngineID was resolved before the Inform was sent.
Thanks for your help, i could check it on Monday,
Where i can find the snmp engine id of the xmc

Reply