Good afternoon Nagios Support,
following an upgrade of the check point Firewall OS SNMP v3 MD5 authentication support has been remove and only SHA512 s remaining.
The SNMP check we had running are with auth now set to SHA are all failing and when I try to Scan is it responding as "No ports were detected on the switch."
We are running Nagios 5.11.2 on Centos 7 with PHP 8.1
We are trying to connect using SHA(512), AuthNoPriv
I have Cisco switch which we are monitoring using SHA with AuthPriv successfully.
Are there any configuration updates that we require on the Nagios XI?
Thank you for your assistance
Regards
William Bright
SHA512 auth protocol support for SNMP checks
-
jmichaelson
- Posts: 117
- Joined: Wed Aug 23, 2023 1:02 pm
Re: SHA512 auth protocol support for SNMP checks
Hi William, first, I'd recommend upgrading to Nagios XI 2024R1,, which was just released on December 6 (as well as upgrading Centos to Centos 9 Stream). That may resolve the problem on its own.
Barring that, can you reattempt to runt he configuration wizard for the device and attempt authentication to it in the wizard using SHA512. That may or may not work. If it doesn't, could you attach relevant log snippets from /usr/local/nagios/var/nagios.log for the host if anything exists?
Barring that, can you reattempt to runt he configuration wizard for the device and attempt authentication to it in the wizard using SHA512. That may or may not work. If it doesn't, could you attach relevant log snippets from /usr/local/nagios/var/nagios.log for the host if anything exists?
Please let us know if you have any other questions or concerns.
-Jason
-Jason
Re: SHA512 auth protocol support for SNMP checks
Do you have any other way to recover?wbright wrote: ↑Sun Dec 10, 2023 10:25 pm Good afternoon Nagios Support,
following an upgrade of the check point Firewall OS SNMP v3 MD5 authentication support has been remove and only SHA512 s remaining.
The SNMP check we had running are with auth now set to SHA are all failing and when I try to Scan is it responding as "No ports were detected on the switch."
We are running Nagios 5.11.2 on Centos 7 with PHP 8.1
We are trying to connect using SHA(512), AuthNoPriv
I have Cisco switch which we are monitoring using SHA with AuthPriv successfully.
Are there any configuration updates that we require on the Nagios XI?
Thank you for your assistance
Regards
William Bright
Re: SHA512 auth protocol support for SNMP checks
Thank you for the information, I have updated to 2024R1.01 and 2024R1.02 on Centos7 with no change.
I have run up a Centos9 Nagios 2024R1.1 Server and althrough the /usr/bin/snmpwalk (in Centos9) has options for SHA-256 and SHA-512, and AES-256 these options do not appear in the wizards and the Wizards do not appear to be using these options.
I have raised a call with Nagios Support.
Have a good day
Regards
William Bright
I have run up a Centos9 Nagios 2024R1.1 Server and althrough the /usr/bin/snmpwalk (in Centos9) has options for SHA-256 and SHA-512, and AES-256 these options do not appear in the wizards and the Wizards do not appear to be using these options.
I have raised a call with Nagios Support.
Have a good day
Regards
William Bright