SNMPv3 Discovery.GetResponse not working
berny275 opened this issue · 2 comments
When trying to do a discovery, I'm failing at the initial response with:
MethodInvocationException: Exception calling "GetResponse" with "2" argument(s): "data construction exception"
In the docs:
https://docs.sharpsnmp.com/tutorials/v3-operations.html#discovery-process
You've got this:
Discovery discovery = Messenger.GetNextDiscovery(SnmpType.GetRequestPdu);
ReportMessage report = discovery.GetResponse(60000, new IPEndPoint(IPAddress.Parse("192.168.1.2"), 161));
My code:
$HomeRouter = @{
UserName = 'snmpname'
Target = '4011gw'
OID = '1.3.6.1.2.1.1'
AuthType = 'SHA1'
AuthSecret = 'authenticationpassword'
PrivType = 'AES256'
PrivSecret = 'encryptionpassword'
Context = 'snmpname'
}
$IPAddress = [System.Net.Dns]::GetHostEntry($HomeRouter.Target).AddressList[0]
$Port = "161"
$IPEndPoint = [System.Net.IPEndPoint]::new($IPAddress, $Port)
$Timeout = "3000"
$Discovery = [Lextm.SharpSnmpLib.Messaging.Messenger]::GetNextDiscovery([Lextm.SharpSnmpLib.SnmpType]::GetBulkRequestPdu)
$Discovery.GetResponse($Timeout, $IPEndPoint)
Perhaps I've got something wrong?
I've tried using the Paessler SNMP Tester and snmpwalk.
When looking at the packet data from the Paessler client, I see:
Simple Network Management Protocol
msgVersion: snmpv3 (3)
msgGlobalData
msgID: 23260
msgMaxSize: 65507
msgFlags: 04
.... .1.. = Reportable: Set
.... ..0. = Encrypted: Not set
.... ...0 = Authenticated: Not set
msgSecurityModel: USM (3)
msgAuthoritativeEngineID:
msgAuthoritativeEngineBoots: 0
msgAuthoritativeEngineTime: 0
msgUserName:
msgAuthenticationParameters:
msgPrivacyParameters:
msgData: plaintext (0)
plaintext
contextEngineID:
contextName: snmpname
data: get-request (0)
get-request
request-id: 27556
error-status: noError (0)
error-index: 0
variable-bindings: 0 items
I note above that the contextName is included on the query.
If I look with snmpwalk I see:
snmpwalk -u snmpname -A authenticationpassword -a SHA -X encryptionpassword -x AES -l authPriv 10.128.80.1 -v3 1.3.6.1.2.1.1.1.0
Simple Network Management Protocol
msgVersion: snmpv3 (3)
msgGlobalData
msgID: 1874596911
msgMaxSize: 65507
msgFlags: 04
msgSecurityModel: USM (3)
msgAuthoritativeEngineID:
msgAuthoritativeEngineBoots: 0
msgAuthoritativeEngineTime: 0
msgUserName:
msgAuthenticationParameters:
msgPrivacyParameters:
msgData: plaintext (0)
plaintext
contextEngineID:
contextName:
data: get-request (0)
get-request
request-id: 362538235
error-status: noError (0)
error-index: 0
variable-bindings: 0 items
So the contextname isn't being passed by the net-snmp project in their discovery.
If I look in wireshark, using my code above, I see "getBulkRequest" instead of "get-request":
Simple Network Management Protocol
msgVersion: snmpv3 (3)
msgGlobalData
msgID: 619652549
msgMaxSize: 65507
msgFlags: 04
.... .1.. = Reportable: Set
.... ..0. = Encrypted: Not set
.... ...0 = Authenticated: Not set
msgSecurityModel: USM (3)
msgAuthoritativeEngineID:
msgAuthoritativeEngineBoots: 0
msgAuthoritativeEngineTime: 0
msgUserName:
msgAuthenticationParameters:
msgPrivacyParameters:
msgData: plaintext (0)
plaintext
contextEngineID:
contextName:
data: getBulkRequest (5)
getBulkRequest
request-id: -914668421
non-repeaters: 0
max-repetitions: 0
variable-bindings: 0 items
I've attached the packet captures for your own reference.
sharpsnmplib-snmpv3-discovery.zip
Thoughts?
Also, I don't know if it's an issue or not as to whether the request-id is a negative integer?
Closing issue, user error for the first bit.
#$Discovery = [Lextm.SharpSnmpLib.Messaging.Messenger]::GetNextDiscovery([Lextm.SharpSnmpLib.SnmpType]::GetBulkRequestPdu)
$Discovery = [Lextm.SharpSnmpLib.Messaging.Messenger]::GetNextDiscovery([Lextm.SharpSnmpLib.SnmpType]::GetRequestPdu)
Also, the mikrotik I'm testing against doesn't support AES26, only AES128.
Issue raised for the negative integer. It looks like some internal parameter that's initialised when [Lextm.SharpSnmpLib.Messaging.Messenger]::GetNextDiscovery is initialised is a negative integer instead of always being a positive integer.