I usually troubleshoot the problem in the following way:
1. Start a TCPDUmp (Linux) or Wireshark trace on the SpectroSERVER that the device is trying to be modeled on.
2. Try to discover the device and wait for it to fail
3. Dump the SNMPv3 cache into the VNM.OUT with the following command while connected to CLI (vnmsh)
./update action=0x10331 mh=<vnm_mh>
4. Clear the SNMPv3 cache by typing this command while connected to CLI
./update action=0x10333 mh=<vnm_mh>
5. Try to discover the device again, this should work now
6. Stop the TCPDump or Wireshark trace
7. Provide the VNM.OUT, TCPDump (or wireshark trace) and the SNMPv3 credentials so we can decrypt the SNMPv3 traces in a new support issue.
If you do not want to provide this due to confidentiality what I generally look for is why the original discovery was failing. Normally the device will either not respond or respond with a REPORT and an Error code such as
1.3.6.1.6.3.15.1.1.2.0 (usmStatsNotInTimeWindows), also make note of the EngineBoot EngineID and EngineTime.
Compare these values to the values you receive after you clear the SNMPv3 cache to see if they are similar or completely different which may be caused by having mutliple devices with the same EngineID or the Agent providing a smaller EngineBoot to what Spectrum has.
If any further questions its best to open an issue with all of the info for further analysis.
Best regards,
Glenn
Original Message:
Sent: 11-21-2019 01:13 PM
From: Manish Arora
Subject: SNMPv3 discovery fails Spectrum 10.4
Hello
I am trying to discover Fortinet, Palo Alto and Aruba switches using SNMP v3 with options selected in SNMP profile for authentication with privacy, Wireshark displays error for malformed packets or decrypted packet not in order .
Tried MIB browser to check the SNMPv3 communication , it works for few devices but not able to discover such devices in Spectrum.
Any suggestions how to resolve it.
Thanks
Manish