04-20-2021 12:36 PM
i am trying to migrate our switches to snmpv3. first, orion has no issue with the config below. works great
snmp-server engineID remote 10.2.16.11 udp-port 161 1000000000
snmp-server group Network01 v3 auth read godeep
snmp-server view godeep iso included
snmp-server view godeep mib-2 included
snmp-server view godeep interfaces included
snmp-server view godeep chassis included
snmp-server user GXXXX Network01 v3 auth md5 <password> priv aes 256 <password>
but NetMRI will not authenticat or connect. i have followed the instructions in the 7.4.5 manual, the devices can ping each other. no ACL is in the way. and snmpv2 still works on netmri.
any help would be awsome.
Solved! Go to Solution.
04-21-2021 05:42 AM
good news, we figured out what was up. we were pointing the config at solarwinds only. once we put in a local enginID we could hit netmri. but encryption for aes 256 or 192 does not work for snmpv3. i found a KB #3925 from 2016! that states
Network Automation unsuccessfully attempts to authenticate devices configured with SNMP v3 and AES-256 bit or SNMP v3 and AES-192 bit encryption
SNMP v3 network devices using AES-256 bit or AES-192 bit encryption
All Network Automation(NetMRI) versions
Network Automation only authenticates SNMP v3 devices which are configured with AES-128 bit encryption.
When SNMP v3 network devices are configured with AES-256 bit encryption or AES-192 bit encryption, reconfigure these devices with AES-128 bit encryption.
02-16-2022 02:14 PM
Appears to still be the same even with NetMRI 22.214.171.124860. Still can't get AES256 or 192 to work and have to regress to 128.