Guest

Preview Tool

Cisco Bug: CSCuw56131 - redundant sup / SNMP EngineID depends on which supervisor booted first

Last Modified

Sep 13, 2016

Products (150)

  • Cisco IOS
  • Cisco Catalyst 3560CG-8TC-S Compact Switch
  • Cisco Catalyst 3560X-48P-S Switch
  • Cisco Catalyst 2960X-48LPS-L Switch
  • Cisco Embedded Service 2020 24TC NCP B Switch
  • Cisco Catalyst 2960X-24PS-L Switch
  • Cisco Embedded Service 2020 CON B Switch
  • Cisco Catalyst 3560X-48T-E Switch
  • Cisco Catalyst 2960S-24PD-L Switch
  • Cisco Catalyst 2960C-8TC-S Switch
View all products in Bug Search Tool Login Required

Known Affected Releases

15.2(2)E2

Description (partial)

Symptom:
SNMPv3 authentication failure observed when SNMPWALK or SNMPGET or SNMPSET operations are executed on chassis with redundant SUP8-E engines

Conditions:
Every SNMPv3 agent has an engine ID which serves as a unique identifier for the agent. 
The engine ID is used with a hashing function to generate keys for authentication and encryption of SNMP v3 messages.
In a situation where Supervisor Engine in slot A is ACTIVE and SNMPv3 user credentials are entered, current SNMP EngineID [computed based on information from Supervisor engine in slot A] is linked to SNMPv3 user account
If both supervisors are reloaded simultaneously and supervisor engine in slot B boots up first and becomes ACTIVE, then new SNMP EngineID will be calculated.
If both supervisors are reloaded and we make sure that ACTIVE supervisor will be the same supervisor that was ACTIVE at the time when SNMPv3 credentials were entered restores SNMPv3 access [e.g. no configuration is necessary]
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.