Ports not detected on switch using Network switch wizzard

[TorqueSteer]

I can ping the switch from Nagios, I'm thinking it could be a firewall issue, will investigate and update this thread.

[cdienger]

Thanks for keeping us in the loop!

[TorqueSteer]

Well it does not appear to be a firewall issue. We have a couple of printers on that site that report back to a central system via SNMP.

It's a 48 port switch, could the wizzard be timing out before it has scanned them all?

[cdienger]

From the Nagios server perspective it's sending requests out and not getting a response. If the traffic is making it to the switch then it should be getting a response pretty quickly even with 48 ports.

Is the switch using SNMPv2? Try with version 1:

Code: Select all

/usr/bin/cfgmaker --show-op-down --noreversedns --zero-speed '1000000000' '[email protected]:161::::1'

If v3 is used you will need to specify a username:

Code: Select all

/usr/bin/cfgmaker --show-op-down --noreversedns --zero-speed '1000000000' '[email protected]:161::::3' --username <USERNAME>

[TorqueSteer]

From the Nagios server perspective it's sending requests out and not getting a response. If the traffic is making it to the switch then it should be getting a response pretty quickly even with 48 ports.

Is the switch using SNMPv2? Try with version 1:

Code: Select all

/usr/bin/cfgmaker --show-op-down --noreversedns --zero-speed '1000000000' '[email protected]:161::::1'

If v3 is used you will need to specify a username:

Code: Select all

/usr/bin/cfgmaker --show-op-down --noreversedns --zero-speed '1000000000' '[email protected]:161::::3' --username <USERNAME>

I did think the issue may be related to the snmp community name so I changed it to not include the '-' symbol - this did not make a difference, nor does using Version 1. Very strange.

[cdienger]

I'd be curious to see a tcpdump just to make sure the traffic is leaving the XI server. If it is, then the next step would be to look up stream to make sure the switch is receiving the requests and responding to them.

xi tcpdump:

yum -y install tcpdump
tcpdump -s 0 -i any host SWITCHIP port 161 -w snmp_capture.pcap

Run this long enough to run the cfgmaker command again on a separate terminal and then use CTRL+C to stop the trace. Gather the snmp_capture.pcap file and PM it to me.

[TorqueSteer]

i tried running this pointing it towards the problem switch and then one already setup and configured in Nagios but got an 'No such device exists' error.

[cdienger]

You may need to pass something other than "any" for the interface. Run:

Code: Select all

ip addr

To get a list of interfaces on the Nagios server. On my CentOS7 I could run it with:

Code: Select all

tcpdump -s 0 -i ens32 host SWITCHIP port 161 -w snmp_capture.pcap

[TorqueSteer]

Just to update this thread....

I used a cmd line tool called SnmpWalk to query the device from my Windows machine, it timed out even after setting the timeout time to 60 seconds. i'm thinking that this is more and more a problem with the device or firewall / router that the traffice needs to pass through.

Thank you for everyone's help so far!

[kevinmjacobsen]

Make sure your IPTables on the nagios node are allowing SNMP

[root@MYNODE ~]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Tue Jun 20 16:37:12 2017
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1:120]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 161 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 162 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Tue Jun 20 16:37:12 2017

After that don't forget to restart iptables:

Code: Select all

service iptables restart