SNMPv3 Polling failing in NFA with response report 1.3.6.1.6.3.12.1.5.0
search cancel

SNMPv3 Polling failing in NFA with response report 1.3.6.1.6.3.12.1.5.0

book

Article ID: 137902

calendar_today

Updated On:

Products

CA Network Flow Analysis (NetQos / NFA)

Issue/Introduction

SNMPv3 profile is failing to poll devices in NFA and getting a "Profile Not Found" message when doing a rediscover.


The Username and password are correct, and the user name is not the same as any other SNMPv3 profile in NFA or DX Netops Portal.


ACL list on the device is accepting SNMP traffic from the Harvester server.


Running a wireshark and decoding the SNMPv3 traffic with the username, password, and authentication protocols(see additional info section for details)  returns the response below "report 1.3.6.1.6.3.12.1.5.0"

 

Environment

Release : 10.0

Component : NQRPTA - REPORTERANALYZER

Resolution

 

The report 1.3.6.1.6.3.12.1.5.0 is an error message sent by the router you can use to troubleshoot this problem.

 

The OID translates to snmpUnknownContexts which according this link http://oidref.com/1.3.6.1.6.3.12.1.5 means:


 "The total number of packets received by the SNMP

engine which were dropped because the context

contained in the message was unknown."

 

When creating an SNMP Profile in NFA or DX Netops Portal, there is an optional field named "Context".


This fields should be blank in most cases, so if you are getting this message, delete the context field.




After saving the changes you will have to do a full resync of the NFA Data Source from DX Netops Portal, so that the updated SNMP profiles can sync down to NFA.

You will also have to allow some time for the profile to update the Harvester database as well.


You can check the Harvester database to verify that the context field is blank by running the following and command and checking the context field for the profile in question and making sure that field is blank.


mysql harvester

select * from snmpprofiles \G



Once you verify the Context field is blank, try to rediscover the device again from the Admin->Enable Interfaces page.

 


If it fails again check wireshark again.

Additional Information

See also SNMP v3 polling failing when multiple SNMP profiles have the same user name


 

Steps below explain how to decode SNMPv3 traffic in wireshark you can follow the steps below:

1. Open Wireshark

2. Open Preferences

3. Expand "Protocols"

4. Scroll down to SNMP

5. Next to "Users Table" click the Edit button

6. Click the + button to the bottom left


7. Add in your SNMP credential information, including SNMPv3 Username, Privacy Password, Authentication Password, Authentication model, and Privacy Protocol. Engine-ID is not required

8. Click 'OK' on both screens. When Wireshark loads the file, it will now automatically decrypt the SNMPv3 packets.

 

Powered by Wolken Software