Ad Widget

Collapse

Problems in autodiscovery with SNMPv3 and $-sign

Collapse
This topic has been answered.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • hr-leinonen
    Junior Member
    • Jan 2011
    • 8
    #1

    Problems in autodiscovery with SNMPv3 and $-sign

    Hi,

    EDIT:
    ------
    If I create host manually and use passphares $stron$switch, then everything works. So problem seems to be in autodiscovery part.
    ------

    Zabbix version is 6.0.12, platform Rocky Linux 8.

    I try to make autodiscovery using SNMPv3 with authpriv. There is $-sign (eg. $stron$switch) in front of the passphrases and it seems that Zabbix wont understand it.

    If I try to make SNMPv2 discovery with community eg. testing discovery works.

    Also if I make snmpwalk (eg. snmpwalk -v3 -l authPriv -u user -a SHA -A '$stron$switch' -x AES -X '$stron$switch' 10.10.10.1 1.3.6.1.2.1.1.5 it will work, so user and passphares are ok.

    Any suggestion what is maybe wrong?

    Regards,

    Ville
    Last edited by hr-leinonen; 23-12-2022, 12:32.
    Tags: None
    • Answer selected by hr-leinonen at 02-01-2023, 10:32.
      Markku
      Senior Member
      Zabbix Certified SpecialistZabbix Certified ProfessionalZabbix Certified Expert
      • Sep 2018
      • 1781
      I tested again with 6.4.0beta5 with no problems.

      When checking with Wireshark, I get that "Decrypted data not formatted as expected, wrong key?" when I have incorrect SNMP v3 credentials in Zabbix. Which leads to the question that are you aware of the documentation in https://www.zabbix.com/documentation...itemtypes/snmp? It says:

      Changes in Authentication protocol, Authentication passphrase, Privacy protocol or Privacy passphrase, made without changing the Security name, will take effect only after the cache on a server/proxy is manually cleared (by using -R snmp_cache_reload) or the server/proxy is restarted. In cases, where Security name is also changed, all parameters will be updated immediately.
      That's exactly how it works here: if I initially use an incorrect password in Zabbix discovery rule and later correct it, sudo zabbix_server -R snmp_cache_reload is required for Zabbix to catch it.

      Markku
        • Selected Answer

        Comment

        • hr-leinonen
          hr-leinonen commented
          02-01-2023, 10:32
          Editing a comment
          Hi,

          Now it seems to work, it probably was that snmp_cache_reload which helped.

          Regards,

          Ville
        • Markku
          Senior Member
          Zabbix Certified SpecialistZabbix Certified ProfessionalZabbix Certified Expert
          • Sep 2018
          • 1781
          #2
          Moi, seems to work here just fine, on 6.0.11 and 6.4.0beta5.

          I was testing with these:

          Click image for larger version Name: image.png Views: 631 Size: 59.4 KB ID: 456534

          Was there a specific reason you think the password was the reason for the discovery to not work?

          Markku

            Comment

            • Markku
              Senior Member
              Zabbix Certified SpecialistZabbix Certified ProfessionalZabbix Certified Expert
              • Sep 2018
              • 1781
              #3
              Ok I didn't see your edit earlier. Make sure you are using the correct OID in the discovery (like 1.3.6.1.2.1.1.5.0).

              Markku

                Comment

                • hr-leinonen
                  #3.1
                  hr-leinonen commented
                  24-12-2022, 22:31
                  Editing a comment
                  Hi,

                  With SNMPv2 that oid works and when I change V3 then devices are not populated and Wireshark gives error "Decrypted data not formatted as expected, wrong key?", but I am sure that
                  keys are correct, because snmpwalk works. I will continue debugging after new year.

                  Regards,

                  Ville
                • Markku
                  Senior Member
                  Zabbix Certified SpecialistZabbix Certified ProfessionalZabbix Certified Expert
                  • Sep 2018
                  • 1781
                  #4
                  I tested again with 6.4.0beta5 with no problems.

                  When checking with Wireshark, I get that "Decrypted data not formatted as expected, wrong key?" when I have incorrect SNMP v3 credentials in Zabbix. Which leads to the question that are you aware of the documentation in https://www.zabbix.com/documentation...itemtypes/snmp? It says:

                  Changes in Authentication protocol, Authentication passphrase, Privacy protocol or Privacy passphrase, made without changing the Security name, will take effect only after the cache on a server/proxy is manually cleared (by using -R snmp_cache_reload) or the server/proxy is restarted. In cases, where Security name is also changed, all parameters will be updated immediately.
                  That's exactly how it works here: if I initially use an incorrect password in Zabbix discovery rule and later correct it, sudo zabbix_server -R snmp_cache_reload is required for Zabbix to catch it.

                  Markku
                    • Selected Answer

                    Comment

                    • hr-leinonen
                      #4.1
                      hr-leinonen commented
                      02-01-2023, 10:32
                      Editing a comment
                      Hi,

                      Now it seems to work, it probably was that snmp_cache_reload which helped.

                      Regards,

                      Ville
                    Previous template Next
                    Working...