The snmpd.conf I provided consists mostly of what's coming with snmp packages I guess.
As I must in the end use SNMP v3, I was confused about what to use: r[ow]user, r[ow]community, com2sec, group, view, access, or a mixture of some of them but which ones? I stepped back to SNMP v1 for my tests as I did not want to have too many possible misunderstandings at the same time, and seemed to be getting nowhere. So once /etc/snmp/snmpd.conf is stripped down to a single rocommunity line, I get: % snmpgetnext -v1 -c public localhost ifName ~ IF-MIB::ifName.1 = STRING: lo And I can snmpwalk from netSnmp, which gives hundreds of lines such as the following: NET-SNMP-VACM-MIB::nsVacmViewName."grpcomm1"."".0.noAuthNoPriv."read" = STRING: _all_ NET-SNMP-VACM-MIB::nsVacmViewName."grpcomm1"."".0.noAuthNoPriv."write" = STRING: none NET-SNMP-VACM-MIB::nsVacmViewName."grpcomm1"."".0.noAuthNoPriv."notify" = STRING: none NET-SNMP-VACM-MIB::nsVacmViewName."grpsyncmux"."".3.authNoPriv."read" = STRING: _all_ NET-SNMP-VACM-MIB::nsVacmViewName."grpsyncmux"."".3.authNoPriv."write" = STRING: _all_ NET-SNMP-VACM-MIB::nsVacmViewName."grpsyncmux"."".3.authNoPriv."notify" = STRING: _all_ which is a lot better. Now if I add a rouser syncmux to the said snmpd.conf, I get % snmpget -v3 -u syncmux -l noAuthNoPriv localhost sysDescr.0 sysUpTime.0 Error in packet Reason: authorizationError (access denied to that object) which is different from anything I had previously. So I'll look in that direction. Daniel -----Message d'origine----- De : dave.shi...@gmail.com [mailto:dave.shi...@gmail.com] De la part de Dave Shield Envoyé : mercredi 6 juin 2012 17:07 À : Chayvialle, Daniel (External) Cc : net-snmp-users@lists.sourceforge.net Objet : Re: Stuck in the way of quering a private MIB (extension using perl) On 6 June 2012 15:59, Chayvialle, Daniel (External) <daniel.chayvialle.exter...@cassidian.com> wrote: > I have read the FAQ you mentioned, as well as other related to this topic a > few days ago, > and I can't says it was all clear to me. FAQ:Agent 24 How do I configure access control stuff? The simplest way is to use the configure directives: rocommunity public (for SNMPv1/2c) Your current snmpd.conf file is relatively complex. and most of it is probably stuff that you're not actually using. I suggest that you try replacing this with a file containing *JUST* the line "rocommunity public", and restart the agent. You should then be able to retrieve other information from the agent - not just the system group. Does this work? (I'd also suggest that you read the rest of that FAQ entry, and ask if there's anything you don't understand). Dave ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
