1 Reply Latest reply: Jun 21, 2018 1:54 AM by Mark Cooper RSS

interface polling on cisco 4500 vss snmpv3 not working

Jeff Peters

Hi,

 

We're using an Enterprise Profiler with multiple gateways. I am working on using netflow/ipfix and snmpv3 information on cisco 4500x vss to gather interface specific utilization. I have v3 polling, however its only getting me the sysname. I downgrade it to snmpv2 and its not working either. The snmp strings are default, so not sure if something needs to be whitelisted to allow it. I have flow set up on a per interface instance, which I am getting flow from....just since there's no interface information, I can't see % of utilization. Is there something specific I need?

 

Thanks,

  • Re: interface polling on cisco 4500 vss snmpv3 not working
    Mark Cooper

    Hi Jeff,

     

    When troubleshooting something like this I prefer to run the snmpwalk command from the Flow Gateway's command line.  I use the FG because it is this device that actually polls the routers to gather the interface details so it is testing the path from the sourse to the target.  You mention you have multiple FG's, so ensure the FG you are testing from is the one that is receiving the flow from the 4500x. 

     

    The ACL on the 4500x (if there is one, and there normally is) should permit this FG to poll it.  If successful you will get a long list printing up on the screen.  If not successful then you will see either a failure message or nothing at all.  This will indicate that something in the path or the router itself is blocking or denying access. 

     

    From the cli on the FG using snmp v3 enter the following command:

     

    snmpwalk -v3 -l authPriv -u snmp-poller -a SHA -A "PASSWORD1" -x AES -X "PASSWORD1" 10.10.60.50

     

    where:

    -l =    Security Level

    -u =    username

    -a =    Auth Protocol

    -A =    Auth Password

    -x =    Privacy Protocol

    -X =    Privacy Password

    IP address = your device to be polled


    If you try this using snmp v2c then the command will look like this:


    snmpwalk -v 2c -c public 10.140.9.240


    where:

    -v = snmp version 1 or 2c

    -c = your community string

    IP address = your device to be polled


    More often than not these issues are caused by snmp misconfiguration or ACL's on the router denying access.


    Good luck