SNMP with 1.1.6 and Net-SNMP 5.3

Kevin Bonner keb at pa.net
Fri Apr 13 17:59:21 CEST 2007


On Friday 13 April 2007 08:53:26 Stefan Winter wrote:
> Hi,
>
> trying for the first time to get SNMP working, and I have come to a point
> where I'm really startled why stuff doesn't work.
>
> I've configured FreeRADIUS 1.1.6 with SNMP, and it's printing out that it
> is starting up the SMUX connection. Then the snmpd refuses the SMUX
> connection.
>
> This would usually mean I screwed up the shared secret, but I'm very sure I
> haven't. I even verified with tcpdump that FR sends the correct secret on
> the loopback "wire".
>
> So the problem would appear to be that Net-SNMP is confused wrt the secret.
> But I configured it with the line
>
> smuxpeer .1.3.6.1.4.1.3317.1.3.1 verysecret
>
> (also without the leading dot, in my desperation, didn't help). The
> password *is* verysecret on the FR side.
>
> Debug output says:
>
> ...
> Module: Instantiated detail (nas_reply_log)
>  main: smux_password = "verysecret"
>  main: snmp_write_access = no
> SMUX connect try 1
> SMUX open oid: 1.3.6.1.4.1.3317.1.3.1
> SMUX open progname: radiusd
> SMUX open password: verysecret
> SMUX register oid: 1.3.6.1.2.1.67.1.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register oid: 1.3.6.1.2.1.67.2.1.1.1
> SMUX register priority: -1
> SMUX register operation: 1
> SMUX register message send failed: Broken pipe
> Listening on authentication *:1812
> Listening on accounting *:1813
> Ready to process requests.
>
> The broken pipe is because Net-SNMP closes the connection, it's log says:
>
> [smux_accept] accepted fd 9 from 127.0.0.1:4580
> refused smux peer: oid SNMPv2-SMI::enterprises.3317.1.3.1, descr radiusd
>
> and tcpdump reveals that the reason for refusing is authenticationFailure.
>
> Anyone else running a similar config? It's the version of Net-SNMP that
> came as RPM on SUSE 10.1. FR compiled freshly.
>
> Greetings,
>
> Stefan Winter

I receive the same broken pipe error when the smuxpeer pass and smux_password 
aren't the same, though there is probably a more complex cause.  Are there 
any non-standard characters in either config file?

Is Net-SNMP configured with ucd-snmp compatibility?

Kevin Bonner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070413/be0ff06b/attachment.pgp>


More information about the Freeradius-Users mailing list