4

I'm using snmptrapd on linux from net-snmp package. I'm trying to make some perl script to handle snmp traps. I'm already have such script and it works with snmp v1, v2c traps and with snmpv3 traps but only when I specify engineID explicitly both in config and in command sending trap. But when I configure cisco router to send me linkDown trap it uses MAC address with some extra bytes as engineID. And I can see trap arrives on interface in wireshark, but snmptrapd does nothing. Is it possible to configure snmptrapd to accept all traps by authenticated users without specifying engineID?

# Example configuration file for snmptrapd
#
# No traps are handled by default, you must edit this file!
#
createUser -e 0x0102030405 myuser MD5 mypassword DES myotherpassword
createUser -e 0x0102030405 myuser2 MD5 mypassword DES myotherpassword
createUser -e 0x0102030406 myuser2 MD5 mypassword DES myotherpassword
createUser cisco SHA cisco123 DES cisco123
authUser log,execute myuser
authUser log,execute myuser2
authUser log,execute cisco
authCommunity   log,execute public
perl do "/usr/local/share/snmp/snmptrapdhandler.pl";
Improve this question
0

2 Answers 2

Reset to default
3

You cannot be authenticated as user for receiving traps if you don't specify the engineID.

See http://www.net-snmp.org/wiki/index.php/TUT:Configuring_snmptrapd_to_receive_SNMPv3_notifications

Improve this answer
0
0

It is possible to set this up without needing an engineID.

See this post for more info: https://serverfault.com/a/961621/517843

Improve this answer
1
  • 1
    Link only answers are really not suggested. You should copy or construct a proper answer from the link and leave it as the source of your findings.
    – user36472
    Commented Apr 5, 2019 at 6:15

Not the answer you're looking for? Browse other questions tagged or ask your own question.