Skip to main content
Version: v25.07.31

SNMP Troubleshooting

This document provides a step-by-step guide to troubleshooting SNMP configuration issues on CE devices. It includes verification methods in cloud configuration, local SNMP daemon configuration, UCI settings, service status, and SNMP walk tests. Using the commands and examples provided, users can effectively identify and resolve most SNMP connectivity or configuration issues.

Troubleshooting Steps

Cloud Configuration verification

These commands help you verify the SNMP configuration as seen by your cloud service

Access the CE Terminal

Log into the CE device and gain root access:

sudo su -

Check last config response:

Run the following command to check the last configuration. This command displays the SNMP configuration from the last configuration response received from the cloud.

cat /tmp/last_config_response.json | jq .'service.snmp'

The given one is just an example output; when this command is run, it will show something like this.

Example Response

{
  "hostName": "myhost.com",
  "location": "Nadiad",
  "version": "v3",
  "community": null,
  "port": 161,
  "description": "system",
  "contact": "sharad.bhagwat@elemprin.com",
  "enable": true,
  "username": "sharad",
  "authProtocol": "SHA",
  "authPassword": "sharad24",
  "privacyPassword": null,
  "privacyProtocol": null,
  "securityLevel": "auth"
}

Verify SNMP daemon configuration file:

The cat /etc/config/snmpd command is used to view the configuration for the SNMP service. It makes it easy to check whether SNMP is set up correctly and to fix any problems.

cat /etc/config/snmpd

The given one is just an example output; when this command is run, it will show something like this.

Exmaple Response

config agent
	option agentaddress 'UDP:161'
 
config agentx
	option agentxsocket '/var/run/agentx.sock'
 
config com2sec 'public'
	option secname 'ro'
	option source 'default'
 
config com2sec6 'public6'
	option secname 'ro'
	option source 'default'
	option community 'public'
 
config com2sec6 'private6'
	option secname 'rw'
	option source 'localhost'
	option community 'private'
 
config group 'public_v1'
	option group 'public'
	option version 'v1'
	option secname 'ro'
 
config group 'public_v2c'
	option group 'public'
	option version 'v2c'
	option secname 'ro'
 
config view 'all'
	option viewname 'all'
	option type 'included'
	option oid '.1'
 
config access 'public_access'
	option group 'public'
	option context 'none'
	option version 'any'
	option level 'noauth'
	option prefix 'exact'
	option read 'all'
	option write 'none'
	option notify 'none'
 
config system
	option sysLocation 'London'
	option sysContact 'apex_connect123@gmail.com'
	option sysName 'myhost.com'
	option sysDescr 'system'
 
config exec
	option name 'filedescriptors'
	option prog '/bin/cat'
	option args '/proc/sys/fs/file-nr'
 
config engineid
	option engineidtype '3'
	option engineidnic 'eth0'
 
config snmpd 'general'
	option enabled '1'
 
config user 'sharad'
	option name 'sharad'
	option sec_level 'auth'
	option auth_proto 'SHA'
	option auth_pass 'sharad24'
	option user_type 'rouser'
Q:1 What should I check in the SNMP response to confirm correct setup?

When you run: cat /tmp/last_config_response.json | jq '.service.snmp' you should carefully verify the following fields to confirm correct setup: hostName – Ensure the device hostname is correctly defined. location – Confirms the physical/logical location is set (e.g., London). version – Check that the SNMP version (v1, v2c, or v3) matches your intended configuration. community – For v1/v2c, ensure the community string (public, private) is present. For v3, this may be null. port – Verify the SNMP port (default is 161). enable – Must be true for SNMP to be active. username – For v3, confirm the username is correctly set. authProtocol / authPassword – For v3 with authentication, ensure protocol (SHA/MD5) and password are valid. privacyProtocol / privacyPassword – For v3 with privacy, confirm encryption settings (AES/DES) and password are configured. securityLevel – Verify the correct level (noAuthNoPriv, authNoPriv, or authPriv). If these values align with your intended SNMP setup, the configuration has been correctly applied from the cloud.

Q:2 What does the command cat /etc/config/snmpd verify?

The command: cat /etc/config/snmpd. displays the local SNMP daemon configuration file. It verifies: Agent settings – Confirms SNMP is listening on the correct port (UDP:161). Community strings – Shows access control for v1/v2c (public, private). Groups and views – Defines which OIDs are accessible and at what permission level (read-only, read-write). Access rules – Specifies authentication level (noauth, auth, priv) and permissions for each group. System information – Confirms sysLocation, sysContact, sysName, and sysDescr are correctly set. User configuration (v3) – Displays SNMPv3 users, their security level, authentication protocol, and passwords. General settings – Ensures SNMP daemon is enabled (option enabled '1'). This file is critical for verifying that SNMP is correctly configured at the local daemon level, ensuring consistency with the cloud-applied configuration.