9 Replies Latest reply on Aug 8, 2017 9:08 AM by kulshreshthap

    SNMP fail

    burgess

      First post on the site.  Thanks for having such a rich resource.  Just purchased the SolarWinds Engineer's Toolset and having a bit of difficulty.

       

      I'm scanning a particular subnet and coming up with a LOT of unknowns.  Mostly results where authentication failed.  Is there a resource that shows the common pitfalls of SNMP failure and how to begin troubleshooting them?

       

      Thanks.

        • Re: SNMP fail
          Andy Ng

          Hi Jaysun,

           

          For most SNMP related issues, you can use snmpwalk to see if you are at least able to communicate with the SNMP-agent of the device.

          We have a free tool that is available here - http://knowledgebase.solarwinds.com/kb/questions/3145/

           

          You can unpack snmpwalk and place it somewhere on the server/PC that the Engineer's Toolset is on.

          Target it to at least one that failed, and see if you are able to get a response and be informed of the OIDs that are available on it.

           

          If it doesn't respond, it can be network or ACL issues where only certain IPs are able to query the SNMP-agent, etc.

           

          If it does, Cisco devices can have the ability to set certain MIBs that can be queried via the community strings, and it might not be set to be allowed to be retrieved from the current community string. For Net-SNMP devices, it has some default ACL set up in the snmpd.conf that needs some tuning to allow more information to be allowed to be queried from the default 'public' community string.

           

          Hope that at least help you to move forward - at least what I will personally do to troubleshoot the problem.

          1 of 1 people found this helpful
            • Re: SNMP fail
              burgess

              Andy.  Thanks for replying.  I downloaded the tool and set it up in Engineer's Toolset as a custom tool.  Loads and works well but when I try to scan anything I get this:

               

              C:\Program Files (x86)\SolarWinds\Toolset>snmpwalk -r:192.168.1.108
              SnmpWalk v1.01 - Copyright (C) 2009 SnmpSoft Company
              [ More useful network tools on http://www.snmpsoft.com ]

              %Failed to get value of SNMP variable. Timeout.

               

              Any ideas or suggestions?

                • Re: SNMP fail
                  burgess

                  I tried using SNMPSweep and got this from a query on one of the client's servers.  Maybe the machine I'm scanning from is preventing something from happening.  It's my laptop running Windows 7 Ultimate x64.

                   

                  It appears DNS resolution occurs but after that it's nothing at all.

                  snmpsweet.JPG

                    • Re: SNMP fail
                      Andy Ng

                      Hi Jaysun,

                       

                      Can I confirm that you are trying to monitor your Windows 7 PC via SNMP?

                       

                      If it is, can you confirm the following:

                      1. Windows Firewall allows SNMP packets UDP/161

                       

                      2. Start > Run > services.msc, then look into the properties of "SNMP service".

                      Navigate to "Security" tab, and try to set to "Accept SNMP packets from any host" and give snmpwalk another try

                        • Re: SNMP fail
                          burgess

                          I'm using my laptop to monitor other networks.  When I turned the monitor back around on myself it still failed.  So I've tried scanning both my machine and other networks.  I'm using VIPRE as my firewall so that may be why the SNMP packets are not getting through.

                           

                          I checked services already and it was set to Manual, which was OK but when I drilled down I found no security tab inside that specific service.

                            • Re: SNMP fail
                              Andy Ng

                              Hi Jaysun,

                               

                              Thank you for sharing this information with us.

                              Have you tried disabling the firewall?

                              The SNMP service should have a "Security" tab - or it might be named otherwise to restrict IP addresses be be able to query from it (btw, I checked from Windows 2008 R2, thus there might be still some differences)

                              * Also note that it is SNMP service and not SNMP Trap, etc.

                               

                              If you have SNMP service enabled on the local Windows 7, and run a snmpwalk with the correct community string, it should return statistics.

                                • Re: SNMP fail
                                  burgess

                                  Thanks Andy.  I'll try disabling my firewall and see if that yields any different results.

                                   

                                  In relationship to community strings, other than 'private' and 'public' are there any others I need to accommodate?  It seems as though most devices like printers, copiers and such instantly reply back with public queries but the other devices on a variety of different networks do not.  I'm working with Cisco, Foritnet, Adtran and other major branded switches, firewalls and routers.  I realize this may be a very broad question however.

                                   

                                  Thanks

                                    • Re: SNMP fail
                                      Andy Ng

                                      Hi Jaysun,

                                       

                                      Let us know after disabling the firewall.

                                       

                                      In regards to community strings, it is actually configured on the device to allow it being queried.

                                      Besides community strings, you have to be aware of ACLs (e.g. which IP is able to query the SNMP agent of the device).

                                      For Cisco, I believe that you can set the type of MIBs that can be queried (e.g. not all the MIBs/OIDs are available when you query)

                                       

                                      'public' community string is like a basic starter. In enterprise environment, it should be changed and should not be relied on.

                                • Re: SNMP fail
                                  kulshreshthap

                                  Hi Andy,

                                   

                                  could u please guide me for snmp Check on unix machine .... snmpd service status  is ' running '.. yet im not able to get any information out of it on my monitorin tool. Kindly guide me how to validate snmp agent on unix machine.