If several devices have been configured to use SNMP v3 encryption, it can sometimes trigger alerts in discovery_agent if the devices have been set up incorrectly. This document shows how to diagnose the following errors in the discovery_agent logs:
"Could not discover remote engine ID for ip/161 : mostly likely not a SNMPv3 capable device"
UIM 7.x – 8.x
There are several possible reasons why this error is occurring:
- The device is using an encryption that is not supported by discovery_agent.
- The device does not support snmpV3. It could be v1 or v2c only.
- The v3 device is not accessible or running on that IP.
- The problematic devices all had the same snmpEngineID and this is causing the snmpv3 authentication to fail. It was recommended to reset the engine ids on these machines to fix the issue.
- These Cisco switches are all connected with stacking cables that attach a group of switches and basically turns them into a single switch. This causes issues with discovery_agent and causes the engine ids to fail. If this is the issue, then it is advised to consult with Cisco support because this may be a bug in IOS.
Use the sapwalk command to help verify and simplify the below troubleshooting steps. Browse to http://devicesupport.ca.com/Tools.html and download the version you need based on your OS. Instructions are included in the download.
1. Step One
Discovery_agent only supports SNMP v3 DES and AES-128 encryption. If any other encryption is being used, then discovery_agent will display errors in the logs.
2. Step Two
Ensure that the device supports SNMP v3 encryption. This can be performed by simply trying to use v1 or v2c encryption on these devices to see if this resolves the issue.
3. Step Three
Use nslookup and a ping test to verify that the device is actually using that particular ip.
4. Step Four
Verify that the devices are not running the same engine IDs for the devices. If they are, you will need to reset the engine IDs and verify the results.
5. Step Five
Ensure that the devices have been wired correctly.