The content from the original post:
We have two NAS boxes with version TrueNAS-SCALE-23.10.1.3. I’ve setup SNMP v3 on both boxes from the SNMP UI in services. I’ve used a username, SHA and AES (location, contact or community is left empty). The passphrases are 32 character random strings with alphabets, numbers and symbols. The problem is, SNMP is not working for both of these servers. I get authentication failure when doing snmpwalk from remote server. I don’t see any SNMP errors on journalctl. I’ve used the same approach to setup SNMP for many other servers successfully but having hiccups here.
Update since the original post:
We’ve updated to TrueNAS-SCALE-23.10.2 and it is still not working. Could this be a bug? I’d appreciate any help regarding this issue.
The only SNMP bug I found in the system right now is [NAS-128412] - iXsystems TrueNAS Jira, this addressed in 24.04.0, so you could try upgrading to see if your issue is addressed.
However this does not directly map to what you are describing. I recommend raising a bug ticket using the link at the top of the forum. A link will be provided to a private upload after creation to allow upload of a debug to allow investigation.
Thanks for the response. I won’t be able to update the system anytime soon but would surely like to submit a bug ticket. Can you please share how I can get logs for snmp connectivity from inside TrueNAS Scale that I can use to troubleshoot on my end or add to the bug report? Please let me know if there’s something.
Thanks for the reply. I’m not sure what recreating the user means. I’ve stopped and started the SNMP service from “System Settings > Services” from the UI and used DES instead of AES but that didn’t make a difference. Do I need to do something from the TrueNAS shell?
No, you won’t have to do anything from the TrueNAS shell.
In the TrueNAS GUI, Go to System → Services, and click on the pencil for SNMP.
From there, click on SNMPv3 support. The SNMP user is managed on the right side of that screen.
Set the user up for DES under Privacy protocol, and save, and then restart the SNMP service.
Make sure that your SNMP client is set up to use DES as the SNMPv3 privacy protocol, and see if you can reach SNMP that way.
Thanks for sharing further details. I’ve got it to work but I also had to reduce the password and privacy passphrase down to 10 characters of alphabets, numbers and symbols. Previously, it was working with 32 characters. Also, it’s very weird that I cannot use the previous username anymore, any other user works but not that.
Anyways, thanks for helping out with this. Much appreciated.
@ABain@wmo update on the issue:
it appears the snmp config prior to update has been “cached” somewhere in truenas. No matter what change to snmp config I do, snmpwalk works with the cached config.
For example.
If I set the config to ‘snmpuser’, ‘md5’, ‘des’, ‘12345678’ and ‘asfghjk’. I would not be able to snmpwalk to it. But snmpwalk would work with the cached config even though I have set the above config to snmp in truenas. Stopping and restarting SNMP has not fixed it and I cannot reboot the trueNAS scale server. Any way that can clear the snmp “cache”?
@ABain the debug file is pretty detailed so removing sensitive and identifying information from it is tedious. Can I share some particular folders, that are relevant to the issue, instead of the whole debug? If yes, what folders should I submit?
@user0241233 When you submit a bug report (using the Report a Bug link to Jira above) you will receive a link in a comment to our secure private upload service so that the debug is not publicly viewable.
