<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hello Devangana,<br>
Basically, you just have to perform the sync_get once more. I
observed similar behavior in OTP 17.1 (snmp 4.25.1). The first
request will always fail because the manager is not fully configured
to communicate with the agent (more on that below).<br>
<br>
A longer explanation:<br>
<br>
In snmp v3 there is a process called 'discovery', which should be
performed before secure communication with the agent can be
established. It is described here:<br>
<br>
<a href="https://tools.ietf.org/html/rfc3414#section-4"
rel="nofollow">https://tools.ietf.org/html/rfc3414#section-4</a><br>
<br>
The snmp library in OTP does not implement that process (at least
not as described in the RFC). <br>
This process has two steps: 'snmpEngineID discovery' and 'time
synchronization'.<br>
The first step is skipped altogether in OTP - you have to provide
engine id upfront.<br>
The second step is performed by the first request - it will always
fail with the 'usmStatsNotInTimeWindows' error report message, but
it will set the required 'msgAuthoritativeEngineBoots' and
'msgAuthoritativeEngineTime' in the manager.<br>
<br>
Best,<br>
Dominik<br>
<br>
<div class="moz-cite-prefix">On 10.09.2016 06:48, Devangana Tarafdar
wrote:<br>
</div>
<blockquote
cite="mid:CAHfHLPV8GE8Wy=-pobm-jDcPDGCSzVhbp5Sd22dD5snJxn3s1Q@mail.gmail.com"
type="cite">
<div dir="ltr">Hello,
<div><br>
</div>
<div>I am trying to connect to a third party SNMP agent, using
snmp manager (snmp v3) ( in the erlang 19 release snmp
5.2.3) and I am running into a problem where the agent is
returning this error on the manager calling sync_get:</div>
<div><br>
</div>
<div><br>
</div>
<div>
<div>*** [2016:09:08 21:26:00 830] SNMP M-SERVER TRACE ***</div>
<div> handle_snmp_report -> entry with</div>
<div> Domain: snmpUDPDomain</div>
<div> Addr: {{xx,xxx,xxx,xxx},161}</div>
<div> ReqId: 37078226</div>
<div> Rep: {invalid_sec_info,[{sec_level,3,1},</div>
<div>
{request_id,37078226,2147483647}]}</div>
<div> Pdu: {pdu,report,2147483647,noError,0,</div>
<div>
[{varbind,[1,3,6,1,6,3,15,1,1,2,0],'Counter32',33,1}]}</div>
<div>*** [2016:09:08 21:26:00 830] SNMP M-SERVER DEBUG ***</div>
<div> handle_snmp_report -> found corresponding request:</div>
<div> reply to sync request</div>
<div> Ref: #Ref<0.0.4.210></div>
<div> ModRef: #Ref<0.0.4.211></div>
<div> From: {<0.3.0>,#Ref<0.0.4.202>}</div>
<div>*** [2016:09:08 21:26:00 830] SNMP M-SERVER TRACE ***</div>
<div> handle_snmp_pdu(get-response) -> Remaining: 4979</div>
<div>*** [2016:09:08 21:26:00 830] SNMP M-SERVER TRACE ***</div>
<div> handle_snmp_report -> deliver reply</div>
<div><br>
</div>
<div>{error,{invalid_sec_info,[{sec_level,3,1},{request_id,37078226,2147483647}],{noError,0,[{varbind,[1,3,6,1,6,3,15,1,1,2,0],'Counter32',33,1}]}}}</div>
<div><br>
</div>
<div>*** [2016:09:08 21:26:00 831] </div>
</div>
<div><br>
</div>
Where [1,3,6,1,6,3,15,1,1,2,0] maps to
"usmStatsNotInTimeWindows" (from <a moz-do-not-send="true"
href="http://www.oid-info.com/">http://www.oid-info.com/</a>)
<div><br>
</div>
<div>I have attached a wireshark trace for the snmp part of
this exchange.</div>
<div><br>
</div>
<div>I am invoking the snmpm module functions through a basic
script as follows (using tips from the tutorial at</div>
<div><a moz-do-not-send="true"
href="https://erlangcentral.org/wiki/index.php?title=SNMP_Quick_Start">https://erlangcentral.org/wiki/index.php?title=SNMP_Quick_Start</a>
)<br>
</div>
<div>.........</div>
<div>..........</div>
<div>
<pre style="color:rgb(0,0,0)"> ok = application:start(crypto),
ok = application:start(snmp),
Userid = "snmp3user",
Agent_target = "testagent",
Agent_engine_id = [128,0,0,8,2,0,0,26,84,40,108,176],
Agent_ip = {xx,xxx,xxx,xxx},
Agent_port = 161 ,
Secure_name= Userid,
Security_level = 'authPriv',
Security_model = 'usm',
Agent_version = 'v3',
Auth_protocol = 'usmHMACSHAAuthProtocol',
Priv_protocol = 'usmAesCfb128Protocol',
% this is 16 in length
Priv_key_local = snmp:passwd2localized_key(md5, Priv_key , Agent_engine_id),
% this is 20 in length
Auth_key_local = snmp:passwd2localized_key(sha, Auth_key , Agent_engine_id),
ok = snmpm:register_user(Userid,snmpm_user_default,[]), </pre>
<pre style="color:rgb(0,0,0)"> ok = snmpm:register_usm_user(Agent_engine_id, Userid, [
{auth, Auth_protocol},
{auth_key,Auth_key_local},
{priv, Priv_protocol},
{priv_key,Priv_key_local },
{sec_name, Secure_name}
]),
ok = snmpm:register_agent(Userid, Agent_target ,[
{engine_id,Agent_engine_id},
{address, Agent_ip},
{port, Agent_port},
{version,Agent_version},
{sec_model,Security_model},
{sec_name,Secure_name},
{sec_level, Security_level}</pre>
<pre style="color:rgb(0,0,0)"> ]),
Res0 = snmpm:sync_get(Userid, Agent_target, [[1,3,6,1,4,1,9,10,19,1,1,9,1,3,7,2]]),
<span style="font-family:arial,sans-serif;color:rgb(34,34,34)"> ........................</span></pre>
<pre style="color:rgb(0,0,0)"><span style="font-family:arial,sans-serif;color:rgb(34,34,34)"> ........................</span></pre>
<pre>Can anyone please tell me what I am doing wrong here ? Any tips would be appreciated !<font color="#000000">
</font></pre>
</div>
<div><br>
</div>
<div><br>
</div>
<div>Thanks,<br>
Devangana</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
erlang-questions mailing list
<a class="moz-txt-link-abbreviated" href="mailto:erlang-questions@erlang.org">erlang-questions@erlang.org</a>
<a class="moz-txt-link-freetext" href="http://erlang.org/mailman/listinfo/erlang-questions">http://erlang.org/mailman/listinfo/erlang-questions</a>
</pre>
</blockquote>
<br>
</body>
</html>