Reputation: 27
I'm sending v3 traps to my net-snmp container. When I set securityLevel to 1 I get:
0.....0...1x....
..........-0+...
..p.....3.8.....
....myuser..s...f'
##..{-..0~.....p
.........Mon Jan
04 18:42:16 CET
20210...+.....me
ssage
Security level 1 is noAuthNoPriv, so it works; that's okay. When I set the security level to 2, I log in with my username and authPassword, and again it's working! But when I made a typo in my username, I found out that it works as well :( So instead of valid credentials I could write user: someone password: something and it would still work.
And when it comes to security level 3, whatever I try I can't make it work. It is always as in the copied result above; however, at the end of the log, instead of "message" there is a line of hash code. Does it mean it sees the credentials as wrong ones and that's why it is encoded? I can't decode it in any way?
So in summary, with authNoPriv it works every time, it doesn't care if the auth password is correct or not, and with authPriv it never works, it doesn't care if the priv password is correct or not. I tried mixing my code with code from the internet but it didn't help. Here's my code:
// ipAddress, port and trapOid are defined outside this snippet
TransportMapping transport = new DefaultUdpTransportMapping();
transport.listen();
Snmp snmp = new Snmp(transport);
// Register the USM with the default protocols plus the extra privacy protocols
USM usm = new USM(SecurityProtocols.getInstance().addDefaultProtocols(),
        new OctetString(MPv3.createLocalEngineID()), 0);
SecurityProtocols.getInstance().addPrivacyProtocol(new PrivAES192());
SecurityProtocols.getInstance().addPrivacyProtocol(new PrivAES256());
SecurityProtocols.getInstance().addPrivacyProtocol(new Priv3DES());
SecurityModels.getInstance().addSecurityModel(usm);
String username = "myuser";
// The user is created with MD5 authentication and AES-128 privacy
snmp.getUSM().addUser(
        new OctetString(username),
        new UsmUser(new OctetString(username), AuthMD5.ID, new OctetString(
                "myAuthPasswd"), PrivAES128.ID, new OctetString("myPrivPasswd")));
UserTarget target = new UserTarget();
target.setAddress(new UdpAddress(ipAddress + "/" + port));
target.setRetries(1);
target.setTimeout(11500);
target.setVersion(SnmpConstants.version3);
target.setSecurityLevel(3); // 1 = noAuthNoPriv, 2 = authNoPriv, 3 = authPriv
target.setSecurityName(new OctetString(username));
// Build the v3 trap PDU
PDU pdu = new ScopedPDU();
pdu.setType(ScopedPDU.TRAP);
pdu.add(new VariableBinding(SnmpConstants.snmpTrapOID,
        SnmpConstants.linkDown));
pdu.add(new VariableBinding(new OID(trapOid), new OctetString("message")));
snmp.send(pdu, target);
System.out.println("Sending Trap to (IP:Port)=> " + ipAddress + ":"
        + port);
snmp.close();
} // closes the enclosing method, whose signature is not shown
Also, here's what I get from the container's user table:
SNMP-USER-BASED-SM-MIB::usmUserAuthProtocol.".....~"!x..._...."."myuser" = OID: SNMP-USER-BASED-SM-MIB::usmHMACMD5AuthProtocol
So this user has MD5 authProtocol. And
SNMP-USER-BASED-SM-MIB::usmUserPrivProtocol.".....~"!x..._...."."myuser" = OID: SNMP-USER-BASED-SM-MIB::usmDESPrivProtocol
this user has DES priv protocol. Could anyone help? Thanks in advance.
Upvotes: 1
Views: 879
Reputation: 1
In addUser, try setting PrivDES.ID instead of PrivAES128.ID:
// enc, authid, username and pass are defined elsewhere
OID encid = PrivDES.ID; // default privacy protocol: DES
if (enc.equalsIgnoreCase("des")) {
    encid = PrivDES.ID;
} else if (enc.equalsIgnoreCase("aes")) {
    encid = PrivAES128.ID;
}
UsmUser user = new UsmUser(new OctetString(username), authid,
        new OctetString(pass), encid, new OctetString(pass));
Upvotes: 0
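Added example, not part of the original posts: a JDK-only illustration of the RFC 3414 authNoPriv check behind the behaviour described in the question. The sender fills in an HMAC-MD5-96 tag with whatever passphrase it has and the payload stays readable either way; only the receiver, recomputing the tag from its own configured passphrase, decides whether the trap is accepted. The message layout, tag offset and engine ID are constructed stand-ins (assumptions), not a real BER-encoded trap.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class UsmAuthDemo {
    // RFC 3414 A.2.1: MD5 over the passphrase repeated to 1 MiB, then localized to the engine ID.
    static byte[] localizedKey(String pass, byte[] engineId) throws Exception {
        byte[] p = pass.getBytes(StandardCharsets.UTF_8);
        MessageDigest md = MessageDigest.getInstance("MD5");
        for (int i = 0; i < 1048576; i++) md.update(p[i % p.length]);
        byte[] ku = md.digest();               // digest() also resets md
        md.update(ku); md.update(engineId); md.update(ku);
        return md.digest();
    }

    // HMAC-MD5-96: HMAC over the whole message with the 12-byte tag field zeroed, first 12 bytes kept.
    static byte[] tag(byte[] key, byte[] msg, int off) throws Exception {
        byte[] m = msg.clone();
        Arrays.fill(m, off, off + 12, (byte) 0);
        Mac mac = Mac.getInstance("HmacMD5");
        mac.init(new SecretKeySpec(key, "HmacMD5"));
        return Arrays.copyOf(mac.doFinal(m), 12);
    }
    // Sender side: fills in the tag with whatever passphrase it was given; nothing checks it here.
    static byte[] sign(String pass, byte[] engineId, byte[] msg, int off) throws Exception {
        byte[] out = msg.clone();
        System.arraycopy(tag(localizedKey(pass, engineId), msg, off), 0, out, off, 12);
        return out;
    }
    // Receiver side: recomputes the tag from its own configured passphrase and compares.
    static boolean receiverAccepts(String pass, byte[] engineId, byte[] wire, int off) throws Exception {
        byte[] sent = Arrays.copyOfRange(wire, off, off + 12);
        return MessageDigest.isEqual(sent, tag(localizedKey(pass, engineId), wire, off));
    }

    public static void main(String[] args) throws Exception {
        byte[] engineId = new byte[12]; engineId[11] = 2;  // constructed engine ID
        // Constructed stand-in for an encoded trap: user name, 12-byte tag field, cleartext payload.
        byte[] msg = "myuser............message".getBytes(StandardCharsets.US_ASCII);
        int off = 6;                                       // tag field starts after "myuser"
        for (String pass : new String[] {"myAuthPasswd", "something"}) {
            byte[] wire = sign(pass, engineId, msg, off);
            boolean readable = new String(wire, StandardCharsets.ISO_8859_1).endsWith("message");
            System.out.println(pass + ": payload readable=" + readable
                + ", receiver accepts=" + receiverAccepts("myAuthPasswd", engineId, wire, off));
        }
    }
}
```

With authPriv the same tag is computed over a message whose scopedPDU has already been encrypted, so the privacy protocol on both ends has to match before the payload can be recovered.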