Network Topology Mapper SNMPv3 Test Credential Failed

Question

I am evaluating NTM for my organization, using it for network devices, specifically Cisco. When I attempt to implement a new scan, using SNMPv3 credentials, I get a failed test. I have all information input into Edit SNMP Credential. I have verified it against the configuration of the device I am testing against. On a side note, we are currently using SW Orion and have no issues with SNMP with it.

The device where NTM is installed, its IP address is in a range allowed by an ACL on the Cisco devices. No firewalls in the path are blocking the traffic.

There is something interesting on a Wireshark capture, from the NTM device to the network device, fields indicate that information is missing:
msgAuthenticationParameters: <MISSING>
msgPrivacyParameters: <MISSING>

The values are stored and are not missing in the Edit SNMP Credential window.

Thanks!

shyde · Answer

This condition is normal for the first SNMPv3 packet to initiate the conversation: There is something interesting on a Wireshark capture, from the NTM device to the network device, fields indicate that information is missing: msgAuthenticationParameters: msgPrivacyParameters: The response from the device will provide as I recall an EngineID which the next request from the poller will include along with the username, authentication password, and privacy password. The first SNMPv3 packet will not have the credentials yet and this is normal setup of the poll. Now if you don't see any response from the device it may be something is blocking it along the way or dropping it. The original post indicated no firewalls but there is other reasons for it to be dropped like MTU size so just something to keep in mind. Assuming the end device is receiving the SNMP poll there is another consideration is it replying. A span session or debug may inform us. I have seen devices not respond because they go into an SNMP service lockout when there is too many failed logins - Ruggedcom equipment in my case. If you see the packet with no credentials and than a response with an EngineID gets to Solarwinds and then Solarwinds tries to poll the device with no credentials but has the EngineID filled out this will be an issue why Solarwinds is not putting in the credentials you supplied but I would guess it will be one of the other issues I mentioned based on my experience.

djalpert · Answer

The NTM sends the SNMP v3 from the host. I was successful with this on my Cisco devices: snmp-server group v3 priv read access snmp-server user

v3 auth sha priv aes 256 nnmp-server view iso included ! ip access-list extended remark *** Add some networks *** permit ip 192.168.1.0 0.0.0.255 any