Guest

Preview Tool

Cisco Bug: CSCup05772 - Snmp-server hosts entries are lost when upgrading from 9.1(4) to 9.1(5)

Last Modified

Apr 16, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

9.1(4)

Description (partial)

Symptom:
- With snmp configuration if we are using "password encryption aes" to encrypt the snmp community string then ASA won't recognize following command after upgrading from 9.1.4 to 9.1.5

snmp-server host  <interface-name> <ip-address> poll community <community-name>

e.g

snmp-server host inside 172.16.0.4 poll community public
snmp-server community public

- After we enter following command:--

password encryption aes

sh run snmp-server
snmp-server host inside 172.16.0.4 poll community 8 9+bw38JPBvGvlSL+oz2pEthC+e+mhw==
snmp-server community 8 xU5qOY2T4DrewJB76ALkVSPTZ7m/RQ==


- After ASA is upgraded from 9.1.4 to 9.1.5

Reboot to 9.1(5); it will product the following output upon boot:
Reading from flash...

!!!!..ERROR: user/community name is not valid
*** Output from config line 157, "snmp-server host inside ..."

- And we are only left with:
snmp-server community 8 xU5qOY2T4DrewJB76ALkVSPTZ7m/RQ==

Conditions:
Command "password encryption aes" should be configured.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.