Forum Discussion

asama's avatar
asama
Icon for Neophyte rankNeophyte
24 days ago

SNMPv3 Support on Logic Monitor

Hi Team,

I am trying to implement SNMPv3 in our environment. We mainly use Cisco devices (IOS, Nexus, ASA, etc.).

Our LogicMonitor collector is running on:

Virtualization: Xen
Operating System: CentOS Linux 7 (Core)

When I run the following command on the Linux device, I receive a successful response:
" snmpwalk -v3 -u username -l authPriv -a SHA -A 'Mypassword' -x AES128 -X 'Mypassword' 192.168.x.x "
However, when I test with snmpget from the LogicMonitor collector’s debug console, I get the following error:


Authentication protocol not supported - AES
java.lang.IllegalArgumentException: Authentication protocol not supported - AES
 at com.santaba.agent.util.snmp.SnmpUtil.getAuthProtocol(SnmpUtil.java:77)
at com.santaba.agent.util.async.SNMPClient._setAuthInfo(SNMPClient.java:1101)
at com.santaba.agent.util.async.SNMPClient.initialize(SNMPClient.java:163)
at com.santaba.agent.util.async.SNMPClient.initialize(SNMPClient.java:143)
at com.santaba.agent.debugger.SnmpDebugTask._handle(SnmpDebugTask.java:243)
at com.santaba.agent.debugger.DebugTask.run(DebugTask.java:176)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
at java.base/java.lang.Thread.run(Thread.java:1583) 


Question: Does LogicMonitor support AES for SNMPv3?

I’ve used the same configuration successfully with other monitoring tools, such as PRTG, and it works without issues.

2 Replies

  • Mike_Moniz's avatar
    Mike_Moniz
    Icon for Professor rankProfessor
    24 days ago

    Try using AES256C or AES2563DES or other protocols listed on https://www.logicmonitor.com/support/getting-started/advanced-logicmonitor-setup/defining-authentication-credentials#snmp (copied below). It seems like using AES256 isn't fully standardized and different vendors implement it in different ways. If your really uses AES128, then I believe that is standard.

    • Both AES and DES are supported. AES is the default privacy algorithm.
    • AES and AES128 are same protocols and can be used interchangeably because they use the same encryption method – AES128.
    • AES192-3DES, AES1923DES, and AES192C are same protocols and can be used interchangeably because they use the same encryption method.
    • AES256-3DES, AES2563DES and AES256C are same protocols and can be used interchangeably because they use the same encryption method.
    • AES128 and AES256 are supported out-of-the-box.
    • DES, 3DES, AES192, and AES256 are also supported.
    • AES2563DES and AES1923DES are supported (usually for Cisco devices) starting with EA Collector 28.607 and later.
  • Sean_S_'s avatar
    Sean_S_
    Icon for Neophyte rankNeophyte
    23 days ago

    It sounds like you set "snmp.auth" to "AES".  You'd want to use the "snmp.priv" property for that.  My guess is that you swapped the "snmp.auth" and "snmp.priv" properties.  If that is the case, then you likely also swapped the "snmp.authToken" and "snmp.privToken" properties.