Wireless Access

last person joined: 23 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

moving from SNMP v2 to SNMPv3

This thread has been viewed 8 times

  • 1.  moving from SNMP v2 to SNMPv3

    Posted Sep 22, 2015 04:52 AM

    Hi, I've got a little problem during moving from SNMP v2 to SNMPv3 by controller and AirWave communication.
    After I changed configuration at controller and AirWave, Airwave still gets SNMP Traps from controller (and it's ok), but controller is recognized as "failed device"..
    As result, I'm getting snmp information, but at that time I have more then 100 devices down (controller+AP).
    Did anyone face the same issue?
    While moving from SNMP v2 to SNMPv3 the next step was made:
    1) created SNMPv3 User a controller;
    2) created a trap receiver fro SNMPv3 (inform type) at controller;
    3)At AirWave, in device setup-Communication created SNMPv3 User (with the same credentials as at 1 step);
    4) At AP/device-Manage settings add credentials for SNMPv3 User and changed snmp port (from 161 to 162);
    5) At Group configuration page set SNMPv3 to handle;
    After that, everything is ok for a 15-20 minutes, and after that all devices goes down, but SNMP  messages are still incoming..
    What am I doing wrong?



  • 2.  RE: moving from SNMP v2 to SNMPv3

    EMPLOYEE
    Posted Sep 22, 2015 07:34 AM

    Go to your Aruba controller and type "show log system all | include Privacy":  If you have the message below, your snmp user in Airwave does not match what is on the controller:

     

    SNMP V3 Message parse error: Authentication parameters don't match: Possible Privacy password mismatch"

     

    In that case, double-check that in Airwave the username, auth password, privacy password and auth protocol match with the controller.  In Airwave under Manage, use "View Device Credentials" for the controller to ensure you have the right credentials.



  • 3.  RE: moving from SNMP v2 to SNMPv3

    Posted Sep 22, 2015 08:59 AM

    Thank you, cjoseph.
    I checked logs and user credentials once more. All the user data are correct.
    About logs, I watched it and found mentioned string. But that log was generated in different time from devices failures.
    Also, I check the ntp server and time zones parameters - they are the same.
    You should understand that devices are in monitor mode, and they really don't go down. It's only AirWave recognizes them as down.

    I made some additional test and found out some intersting thing. SNMPv3 is working correct and send information all the time. I suspect to possible issues:
    1) If you'll go to Device Setup - Discover, you'll find setting for scanning, were SNMPv2 are used. It may be used to check is device up or down.
    2) I deleted SNMPv2 Community string from device configuration in AirWave.


    As a result I've got a properly working system (temporary for now) which at controller have SNMPv3 User, SNMPv3 Trap Receiver and SNMPv2 "Read Community Strings " parameter.
    At AirWave i have device and device group configuration only to use SNMPv3 (with corresponding settings) and Device Setup to communicate by SNMPv2.



  • 4.  RE: moving from SNMP v2 to SNMPv3

    EMPLOYEE
    Posted Jan 12, 2016 01:32 PM

    Hi Yuriy,

     

    Is this issue resolved? From the initial update i saw that you have changed the port to 162 from 161 under Manage page of the device on Airwave. Could  you please have it set to 161(which is used for snmp) and let me know how it goes.


    Regards,

    Vishnu



  • 5.  RE: moving from SNMP v2 to SNMPv3

    Posted Jan 13, 2016 03:11 AM

    Hi Vishnu.

    Actually no.
    I rolled back to SNMPv2 for now...
    I made a decision to update whole system to latest OS versions and try once more later.