This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AP621 model does not return SNMP data via snmpwalk

AP621 model does not return SNMP data via snmpwalk

Elias_Morais_Pe
New Contributor

‎09-18-2023 06:08 AM - edited ‎09-21-2023 12:34 PM

hello @ckelly@Christoph_S , @Christopher_Fra , @arichter 

We have 2 RFS6000 controllers and 35 devices of this model in our environment, but I can't retrieve SNMP data from them. We have another 12 devices of the AP7532 model, and I can easily get the information from them.

AP621

 

 

$ snmpwalk -v2c -c cti 172.19.0.91 (AP621)
Timeout: No Response from 172.19.0.91

 

 

AP7532

 

 

$ snmpwalk -v2c -c cti 172.19.0.100
iso.3.6.1.2.1.1.1.0 = STRING: "AP7532 Access Point, Version 5.8.6.9-003R MIB=01a"
iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.388.50.1.1.40
iso.3.6.1.2.1.1.3.0 = Timeticks: (24005400) 2 days, 18:40:54.00
iso.3.6.1.2.1.1.4.0 = ""
iso.3.6.1.2.1.1.5.0 = STRING: "AP-A13-1314"

 

 

What is blocking the AP621 model? How can this be fixed?

EDIT:

I tried to follow the steps in the link below, but an error occurred. I think it's a bug.
https://extremeportal.force.com/ExtrArticleDetail?an=000094294

 

rfs01(config)*#ip snmp-access-list cti
rfs01(config-ip-snmp-acl-cti)*#permit any
% Error: Invalid IPv4/mask format
rfs01(config-ip-snmp-acl-cti)*#permit ?
  A.B.C.D/M  Source IP address range to match
  any        Any source IP address
  host       Single host address

rfs01(config-ip-snmp-acl-cti)*#permit any ?
  <cr>

rfs01(config-ip-snmp-acl-cti)*#permit any 
% Error: Invalid IPv4/mask format

 

Thank you in advance!!!

0 Kudos
21 REPLIES 21

ckelly
Extreme Employee

‎10-02-2023 12:48 PM - edited ‎10-03-2023 06:15 AM

As a test, is it possible to take take an AP621 and factory default it?

Have it boot it and acquire a DHCP address - do not let it adopt to a controller - and then attempt to snmpwalk the AP.

0 Kudos

ckelly
Extreme Employee

‎09-29-2023 10:35 AM

The entries in the ip snmp-access-list specify (if using 'permit' entries) which host or networks are allowed for SNMP traffic with an AP.

In this case, your workstation address needs to exist either as a specific host entry in this list OR the network that your workstation is on needs to exist as a network range in the list.

This is what I am trying to confirm. Does your workstation address match any of the four entries in the snmp-access-list?

ckelly_0-1696008559410.png

 

0 Kudos

Elias_Morais_Pe
New Contributor
In response to ckelly

‎09-29-2023 12:29 PM

@ckelly 

Yes. My work computer has the IP 10.60.0.7

0 Kudos

Elias_Morais_Pe
New Contributor

‎09-29-2023 09:25 AM - edited ‎09-29-2023 09:44 AM

@ckelly 

IP 172.19.0.97 belongs to AP 7532 and is part of the vlan that the APs get IP from. Should the IP itself be on the allowed list?

all 7532 in the image below.

Elias_Morais_Pe_0-1696004475721.png

0 Kudos

ckelly
Extreme Employee

‎09-28-2023 06:41 AM

So as expected, the 7532 port 161 shows as OPEN.

Also, your workstation address (172.19.0.97) is not an address that would be allowed by SNMP based on the 621's ip snmp-list

Are there any APs responding to snmp (that use the same exact snmp-access-list) that are located on the same network as a 621 that is NOT responding? (trying to eliminate/confirm that this snmp-access-list is the culprit)

ip snmp-access-list cti
permit host 200.x.x.x
permit 200.x.x.0/24
permit 10.x.0.0/23
permit host 10.60.0.7

0 Kudos
GTM-P2G8KFN