ExtremeSwitching (EXOS)

 View Only

 something keeps re-enabling snmp-v1

Jump to Best Answer
Chris Swenson's profile image
Chris Swenson posted 06-25-2022 11:05
this is happening across the board in all my Summit 440-G2 and summit 695's
I run "disable snmp access snmp-v1-v2c" and it disables but at some random time it seems to re-enable itself.

I am also finding this in the logs of the switches
06/05/2022 07:54:32.38 <Noti:DM.Notice> Setting hwclock time to system time, and broadcasting time
06/05/2022 07:45:52.97 <Info:cli.logLocalCmd> clearflow expy: enable snmp access snmp-v1v2c
06/05/2022 07:45:52.96 <Info:cli.logLocalCmd> clearflow expy: enable snmp access
06/05/2022 07:43:36.92 <Info:cli.logLocalCmd> clearflow expy: disable ntp all vr VR-Default
06/05/2022 07:43:36.78 <Info:cli.logLocalCmd> clearflow expy: configure snmp delete trapreceiver "127.0.0.1"
06/05/2022 07:43:36.76 <Info:cli.logLocalCmd> clearflow iqagent: enable dhcp vlan Mgmt

it has occurred in 30.7.1.1 patch1-86 and  30.7.3.12 patch1-19

Chris S
Gabriel_G's profile image
Gabriel_G Best Answer
Hi Chris,

That is most likely the new IQAgent feature added in 30.7-ish. The IQAgent process is the phone-home mechanism that is used with the new cloud service ExtremeCloud IQ (XIQ). It is enabled by default and will globally enable some features which are needed for XIQ operation. However, This shouldn't be a security issue unless you've also configured SNMPv1v2c community strings (all XIQ SNMP traffic is tunneled internally from the cloud, hence the 127.0.0.1). SNTP is also enabled in this process as well.

If you want this to stop, simply disable the IQAgent (note this will also disable DHCP on the mgmt VLAN if enabled):
disable iqagent