Welcome, Guest. Please login or register.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - ghermant

Pages: [1]
Discovery / SNMP v3 with AES or DES but with same community name
« on: December 04, 2018, 04:57:09 PM »

We have some devices that were configured to use SNMP v3 with AES encryption and some other older devices with DES.

For both of these devices, we used the same community name and the only difference between them is the encryption method (AES or DES).

I found an issue in Nedi (1.7) that does not allow to have both of these SNMP communities defined in the nedi.conf file.

Like this:
#           name   aprot   apass      pprot   ppass
comm   mycomm   sha           ver3pa55           aes           ver3pa55
comm   mycomm   sha           ver3pa55           des           ver3pa55

If I test the above config for a discovery on a DES device, it fails and Nedi do not even test the second community.
It looks like Nedi considers the second one using AES as the same one as the DES one.

It is even worst as this look also that the encryption method is not stored in the database and associated to a device:
If a device were discovered using DES but the nedi.conf file contains the AES one, refreshing the device fails as it read the encryption method indicated in the nedi.conf file.

Would you know how to update the libsnmp.pl lib so that Nedi first test in AES and fallback in DES if needed or store this parameter by device in the DB?

Thanks & Brgds,

News / Nedi 1.7 to be made available to the community?
« on: September 12, 2018, 10:42:00 AM »
Do you know if and when Nedi 1.7 will be released to the community?


Pages: [1]