SNMP "public" community string accessible for r640 iDRAC
Article ID: 251227
Updated On:
Products
Issue/Introduction
Even though the SNMP 'public' community string is disabled in the communications configuration in Security Analytics, security scanning software is still detecting that the 'public' string is enabled and accessible and in use.
snmpwalk is able to access the server using the 'public' string.
Restarting snmpd does not make a difference.
Environment
Dell servers
Cause
The 'snmp' public community string is enabled on the iDRAC interface.
Resolution
Check to see if SNMP is enabled on the iDRAC. Make sure the IP address you are specifying is the server IP address and not the iDRAC IP address.
A good indication that you are accessing the iDRAC interface is that the Contact string will show [email protected]:
$ snmpwalk -v 1 -c public IP_ADDRESS
SNMPv2-MIB::sysDescr.0 = STRING:
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.674.10892.5
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (210825530) 24 days, 9:37:35.30
SNMPv2-MIB::sysContact.0 = STRING: \"[email protected]\"
SNMPv2-MIB::sysName.0 = STRING: hostname
SNMPv2-MIB::sysLocation.0 = STRING: \"unknown\"
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (65) 0:00:00.65
SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB
SNMPv2-MIB::sysORID.2 = OID: TCP-MIB::tcpMIB
SNMPv2-MIB::sysORID.3 = OID: IP-MIB::ip
SNMPv2-MIB::sysORID.4 = OID: UDP-MIB::udpMIB
SNMPv2-MIB::sysORID.5 = OID: SNMP-VIEW-BASED-ACM-MIB::vacmBasicGroup
SNMPv2-MIB::sysORID.6 = OID: SNMP-MPD-MIB::snmpMPDCompliance
SNMPv2-MIB::sysORID.7 = OID: SNMP-USER-BASED-SM-MIB::usmMIBCompliance
To modify the SNMP settings in iDRAC see the following steps.
Versions prior to iDRAC 9: Log in to the iDRAC interface and go to Overview > Server > Alerts > SNMP and Email Settings
\
iDRAC 9 and newer: Log in to the iDRAC interface and go to iDRAC Settings > Services > SNMP Agent
Feedback
