SNMPv3 credentials not working - RHEL 8

I've got an interesting problem....

Attempting to set up polling from Solarwinds to a Red Hat Enterprise Linux 8 server with Net-SNMP.

This is a new server and a new credential in my environment.

Node edit screen polling test fails with the credential.

Next using Solarwinds SNMPWALK. snmpwalk returns "Unsupported Security Level" (screenshot), but it still generates a test file with a bunch of OIDs listed.

Digging deeper: The RHEL8 MIB looks like about 11000 OIDs. Large majority of these start with 1.3.6.1.2 or 1.3.6.1.4 . These all poll without error.

However, there are about a dozen OID entries that start with 1.3.6.1.6 . The Unsupported Security Level error occurs when attempting to poll these OIDs.

I'm using SNMPv3 with AES128 encryption. Cannot use a higher AES value at this time.

I welcome any ideas from the community for how to resolve/reconfigure SNMP polling to either correct the permissions issue for this one set of OIDs, or to exclude these OIDs from polling.

Thanks.

Find more posts tagged with

mib_oid

Linux

net-snmp

Polling

Comments

monitoringlife

What version of SW are you on? SNMPv3 security was lacking till a somewhat recent update to support the higher AES and checksums. Ill try to go find the release notes and edit.

Edit:

Release notes for 2022.3.

SNMPv3 Supported Authentication and Encryption for NPM

SHA256 (Available in 2022.3 and above)
SHA512 (Available in 2022.3 and above)

robert777

Thanks for your reply. We're running Solarwinds 2022.4

Unfortunately I'm not a Linux admin in my environment. Wish I could see the snmpd.conf on the host side. Trying to assist our Linux admin(s) to find the right config. The adventure continues.

stuartd

This is not an answer, but maybe a pointer at how to move forward. I have come across this and it is always the end system that needs amending.

As proof, ask if you can temporarily use SNMP v2 and if a walk works and finds the "hidden" OIDs then it is down to the remote end config. This will be some form of mismatch on the security/encryption - best way I can describe it.

Like you, I'm not a *nix admin but in Cisco (for e.g.) land the default is to allow you to poll all OIDs until they are restricted. Maybe a similar mechanism is in place on the *nix box, or potentially their default is to restrict as a default.

christopher.t.jones123

@robert777, once they find the snmpd.conf file, I recommend taking a look at the views that are defined and assigned there. Typically, the default config is to restrict a bunch of the root level OID's as @stuartd alluded to. See below is an example of what it looks like, you'll notice that the systemonly view restricts you to only OID's several layers deep into the tree, while the NMIS (this is a custom addition to the conf) view allows access to the .1 and below.

marcrobinson

What version of the net-snmp client are you running? There are some known issue with RHEL8 and some of versions. Mostly they seem to cause snmp to crash.

robert777

I will find that out and post to this thread..

In my environment we have SNMPv3 setup scripts (Bash) that were created for Red Hat 7 ("RHEL7"). We're finding those scripts don't work natively with RHEL 8. The issue seems to be the 'view' setup in snmpd.conf (see screenshot above). It appears that under RHEL 8 the view needs to be more specific/restrictive than under 7.

Effort currently underway with our Linux admins to modify the setup scripts to work with RHEL 8.

Thanks for all of the input from the community.

marcrobinson

1663027 – net-snmpd double free or corruption error (redhat.com) Here is one of them.

robert777

The story becomes even more interesting...