Send netdisco-users mailing list submissions to
netdisco-users@lists.sourceforge.net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/netdisco-users
or, via email, send a message with subject or body 'help' to
netdisco-users-requ...@lists.sourceforge.net
You can reach the person managing the list at
netdisco-users-ow...@lists.sourceforge.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of netdisco-users digest..."
Today's Topics:
1. Re: SNMPv3 Issues (Ariel Jones)
--- Begin Message ---
Thanks for sending this, unfortunately even with this configuration it's still
just the "Error: passphrase chosen is below the length requirements of the USM
(min=8)." Error repeatedly.
From: Roman Safonov <rom...@technion.ac.il>
Sent: Thursday, June 27, 2024 12:09 AM
To: Ariel Jones <ariel.jo...@gfcmsu.edu>; netdisco-users@lists.sourceforge.net
Subject: Re: SNMPv3 Issues
NOTICE: This email originated from outside of your organization. Do not click
links, open attachments, or respond unless you were expecting this message and
know the content is safe.
My working SNMP credentials for CISCO switch:
- tag: 'v3_CISCO_SHA-AES-256-C
user: 'user'
auth:
pass: password'
proto: SHA
priv:
pass: 'password'
proto: AES-256-C
Our CISCO switches use AES-256-C for privacy.
CISCO configuration:
snmp-server group Snmpv3 v3 priv access allowSnmp
snmp-server drop unknown-user
snmp-server location <location>
snmp-server contact <mail>
snmp-server group Snmpv3 v3 priv access SnmpAuthoritative
snmp-server user user Snmpv3 v3 auth sha password priv aes 256 password access
allowSnmp
From: Ariel Jones <ariel.jo...@gfcmsu.edu<mailto:ariel.jo...@gfcmsu.edu>>
Date: Thursday, 27 June 2024 at 5:25
To:
netdisco-users@lists.sourceforge.net<mailto:netdisco-users@lists.sourceforge.net>
<netdisco-users@lists.sourceforge.net<mailto:netdisco-users@lists.sourceforge.net>>
Subject: [Netdisco] SNMPv3 Issues
Some people who received this message don't often get email from
ariel.jo...@gfcmsu.edu<mailto:ariel.jo...@gfcmsu.edu>. Learn why this is
important<https://protect.checkpoint.com/v2/___https:/aka.ms/LearnAboutSenderIdentification___.YzJlOnRlY2huaW9uOmM6bzoyMGQxZDk3NmMxMWRmODExN2Y2MTdmYjczMzEzZTI1Nzo2OjNjOWI6MGZiZTQ4MjUxYzhlMGY4M2UyYTlhOTU1NzE2Y2M4ZDE1ODA1ZGY5ODNhOWU1MmJiNjE5ZjE3OTUzMjRiMTEzYjpoOkY6Tg>
I have been working to get SNMPv3 working with my Cisco switches, however no
matter what I do I can't seem to get it working with NetDisco. I have confirmed
I can connect with SNMPv3 with two other tools we utilize without any issue.
Any help would be appreciated. The error "Error: passphrase chosen is below the
length requirements of the USM (min=8)." shows in the output, however the
passphrase is 15+ characters long.
deployment.yml file:
device_auth:
- tag: 'Snmpv3cfg'
user: 'USERNAME'
auth:
pass: 'PASSWORD'
proto: 'SHA'
priv:
pass: 'PASSWORD'
proto: 'AES'
Configuration from Cisco switches:
snmp-server view snmp-v3-ReadOnly-View internet included
snmp-server view snmp-v3-ReadOnly-View lldpObjects included
snmp-server view snmp-v3-ReadOnly-View cisco included
snmp-server group snmp-v3-ReadOnly v3 auth context vlan- match prefix
snmp-server view snmp-v3-ReadOnly-View iso included
snmp-server group snmp-v3-ReadOnly v3 priv read snmp-v3-ReadOnly-View
snmp-server user USERNAME snmp-v3-ReadOnly v3 auth sha PASSWORD priv aes 128
PASSWORD
snmp-server group snmp-v3-ReadOnly v3 auth
(There is also an access list allowing access)
Result of netdisco-do -D discover -d:
itservices@netdisco:~/netdisco/config$ sudo docker-compose run netdisco-do -D
discover -d 10.10.80.80
Creating itservices_netdisco-do_run ... done
Attempting to create directory /home/netdisco/perl5
[1] 2024-06-26 22:38:59 info App::Netdisco version 2.072003 loaded.
[1] 2024-06-26 22:38:59 info discover: [10.10.80.80] started at Wed Jun 26
22:38:59 2024
[1] 2024-06-26 22:39:00 debug discover: running with timeout 600s
[1] 2024-06-26 22:39:00 debug => running workers for phase: check
[1] 2024-06-26 22:39:00 debug -> run worker check/1000000
"internal::backendfqdn"
[1] 2024-06-26 22:39:00 debug -> run worker check/1000000
"internal::snmpfastdiscover"
[1] 2024-06-26 22:39:00 debug running with configured SNMP timeouts
[1] 2024-06-26 22:39:00 debug -> run worker check/0 "discover"
[1] 2024-06-26 22:39:00 debug Discover is able to run.
[1] 2024-06-26 22:39:00 debug => running workers for phase: early
[1] 2024-06-26 22:39:00 debug -> run worker early/100 "discover::properties"
[1] 2024-06-26 22:39:00 debug snmp reader cache warm: [10.10.80.80]
[1] 2024-06-26 22:39:00 debug [10.10.80.80:161] try_connect with v: 3, t: 0.2,
r: 0, class: SNMP::Info, comm: <hidden>
Error: passphrase chosen is below the length requirements of the USM (min=8).
[1] 2024-06-26 22:39:00 debug [10.10.80.80:161] try_connect with v: 3, t: 3, r:
2, class: SNMP::Info, comm: <hidden>
Error: passphrase chosen is below the length requirements of the USM (min=8).
[1] 2024-06-26 22:39:00 debug discover failed: could not SNMP connect to
10.10.80.80
[1] 2024-06-26 22:39:00 debug -> run worker early/100 "discover::properties"
[1] 2024-06-26 22:39:00 debug -> run worker early/100 "discover::properties"
[1] 2024-06-26 22:39:00 debug -> run worker early/100 "discover::properties"
[1] 2024-06-26 22:39:00 debug -> run worker early/100 "discover::properties"
[1] 2024-06-26 22:39:00 debug => running workers for phase: main
[1] 2024-06-26 22:39:00 debug -> run worker main/100 "discover::canonicalip"
[1] 2024-06-26 22:39:00 debug -> run worker main/100 "discover::entities"
[1] 2024-06-26 22:39:00 debug -> run worker main/100 "discover::neighbors"
[1] 2024-06-26 22:39:00 debug -> run worker main/100
"discover::neighbors::docsis"
[1] 2024-06-26 22:39:00 debug -> run worker main/100
"discover::neighbors::routed"
[1] 2024-06-26 22:39:00 debug -> run worker main/100 "discover::portpower"
[1] 2024-06-26 22:39:00 debug -> run worker main/100 "discover::portproperties"
[1] 2024-06-26 22:39:00 debug -> run worker main/100
"discover::portproperties::portaccessentity"
[1] 2024-06-26 22:39:00 debug pae failed: could not SNMP connect to 10.10.80.80
[1] 2024-06-26 22:39:00 debug -> run worker main/0 "discover::properties::tags"
[1] 2024-06-26 22:39:00 debug -> run worker main/0 "discover::properties::tags"
[1] 2024-06-26 22:39:00 debug -> run worker main/100 "discover::vlans"
[1] 2024-06-26 22:39:00 debug -> run worker main/100 "discover::wireless"
[1] 2024-06-26 22:39:00 debug -> run worker main/0 "discover::withnodes"
[1] 2024-06-26 22:39:00 debug => running workers for phase: late
[1] 2024-06-26 22:39:00 debug -> run worker late/0 "discover::hooks"
[1] 2024-06-26 22:39:00 debug [10.10.80.80] hooks - skipping due to incomplete
job
[1] 2024-06-26 22:39:00 debug -> run worker late/0 "discover::snapshot"
[1] 2024-06-26 22:39:00 debug discover failed: could not SNMP connect to
10.10.80.80
[1] 2024-06-26 22:39:00 info discover: finished at Wed Jun 26 22:39:00 2024
[1] 2024-06-26 22:39:00 info discover: status defer: discover failed: could
not SNMP connect to 10.10.80.80
ERROR: 1
External e-mail, be judicious when opening attachments or links
--- End Message ---
_______________________________________________
Netdisco mailing list - Digest Mode
netdisco-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/netdisco-users
