Hello,

I am using net-snmp v5.8 r0.

I think I have successfully configured an snmpd server to generate V3
Traps/Informs using TSM with certificates and have an snmptrapd receive
those V3 Traps/Informs.
As I can see the Trap/Inform data dumped to the window snmptrapd is running in.

My issue is, when I restart snmptrapd, it can no longer receive V3
Traps/Informs using TSM without restarting the snmpd also.

snmptrapd can receive V2 Traps/Informs without restarting snmpd.

Is this the normal/desired behavior with DTLS?
(I have not tried TLS yet)


sudo snmptrapd -Dtsm,tls,ssh,openssl,cert,dtlsudp,9:openssl:fingerprint,9:openssl:cert:san -f -Losd dtlsudp:10162 udp:162


2019-11-20 10:11:50 apcon-ubuntu.apconnet.apcon.com [UDP: [10.20.19.57]:33656->[10.20.19.57]:162]:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (10093) 0:01:40.93
SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.10830.5.0.62
SNMPv2-SMI::enterprises.10830.2.15.0 = STRING: "cli-ssh"
SNMPv2-SMI::enterprises.10830.2.16.0 = STRING: "admin/10.20.19.37"
SNMPv2-SMI::enterprises.10830.2.17.0 = STRING: "10.20.19.57"
2019-11-20 10:11:50 apcon-ubuntu.apconnet.apcon.com [UDP: [10.20.19.57]:60888->[10.20.19.57]:162]:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (10093) 0:01:40.93
SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.10830.5.0.62
SNMPv2-SMI::enterprises.10830.2.15.0 = STRING: "cli-ssh"
SNMPv2-SMI::enterprises.10830.2.16.0 = STRING: "admin/10.20.19.37"
SNMPv2-SMI::enterprises.10830.2.17.0 = STRING: "10.20.19.57"
dtlsudp: received 229 raw bytes on way to dtls
dtlsudp: starting a new connection
cert:find:params: looking for identity(1) in DEFAULT(0x0), hint (nil)
cert:find:params: looking for identity(1) in MULTIPLE(0x200), hint 0x1249450
cert:find:params: looking for identity(1) in FINGERPRINT(0x2), hint 0x1249450
cert:find:params:  hint = 04:BF:CF:1A:9C:5D:7A:9D:87:7E:1D:D8:A3:77:1A:DD:D7:76:77:0B
cert:find:found: using cert manager.crt / 04bfcf1a9c5d7a9d877e1dd8a3771addd776770b for identity(1) (uses=identity+remote_peer (3))
cert:find:found: using cert manager.crt / 04bfcf1a9c5d7a9d877e1dd8a3771addd776770b for identity(1) (uses=identity+remote_peer (3))


snmpd -Dtls,ssh,openssl,cert,dtlsudp,9:openssl:fingerprint,9:openssl:cert:san -f -Lsd udp:0.0.0.0:161 dtlsudp:10161

Config:
trapsess -v 2c 10.20.19.57:162 -c public
trapsess -v 2c -Ci -r 0 10.20.19.57:162 -c public
trapsess -v 3 -Ci -r 0 -T their_identity=manager.crt  dtlsudp:
10.20.19.57:10162

snmpd: logging
Nov 20 10:19:21 apcon-ubuntu snmpd[5857]: dtlsudp:
Nov 20 10:19:21 apcon-ubuntu snmpd[5857]: sending 193 bytes