Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

checkpoint snmpv3 not working #4240

Closed
sdouce opened this issue Feb 28, 2023 · 7 comments
Closed

checkpoint snmpv3 not working #4240

sdouce opened this issue Feb 28, 2023 · 7 comments
Labels
question

Comments

@sdouce
Copy link

sdouce commented Feb 28, 2023

Hello,

We have an issue with Checkpoint firewalls plugin pack and SNMP v3.

Check Point 6400
Check Point Security Gateway |
R81
3.10.0-957.21.3cpx86_64
64-bit

When we try a snmpwalk all is ok :

snmpwalk -v3 -l authPriv -u snmpv3comname -a SHA256 -A 'hidepassSHA256' -x AES256 'hidepassAES256' XX.XX.XX.X

SNMPv2-MIB::sysDescr.0 = STRING: Linux xxxx 3.10.0-957.21.3cpx86_64 #1 SMP Mon Jun 20 14:34:51 IDT 2022 x86_64
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.2620.1.6.123.1.99
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (47120) 0:07:51.20
SNMPv2-MIB::sysContact.0 = STRING: root@localhost
SNMPv2-MIB::sysName.0 = STRING: xxxx
SNMPv2-MIB::sysLocation.0 = STRING: Unknown
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (1) 0:00:00.01
SNMPv2-MIB::sysORID.1 = OID: SNMP-FRAMEWORK-MI

But when I try with centreon checkpoint script it always return “unable to create session”

/usr/lib/centreon/plugins/centreon_checkpoint.pl --plugin=network::checkpoint::snmp::plugin --mode=connections --hostname=XX.XX.XX.XX --snmp-version='3' --snmp-username='snmpv3comname' --authpassphrase='hidepassSHA256' --authprotocol='SHA256' --privpassphrase='hidepassAES256' --privprotocol='AES256'

I try to add different type of SNMPV3 Authprotocol , with ou without privprotocol...
Nothing change , it always work with snmpwalk but not with plugins.

There is no info with --debug

Do i miss something or need to install another dependency package ?
@garnier-quentin
Copy link
Contributor

garnier-quentin commented Mar 1, 2023
edited

Your issue is about SHA265 i think. You need a very recent version perl net-snmp (the 5.9.1 i think)

You need to backport it (that version is not available on Debian 8 and rhel 8).

@sdouce
Copy link
Author

sdouce commented Mar 1, 2023

Your issue is about SHA265 i think. You need a very recent version perl net-snmp (the 5.9.1 i think)

You need to backport it (that version is not available on Debian 8 and rhel 8).

Is there any package , in repo delivered by centreon repo ? like remi ou Codebuilder ?

@garnier-quentin
Copy link
Contributor

No we don't provide it

@sdouce
Copy link
Author

sdouce commented Mar 2, 2023

Via cpan i update Net::SNMP version 6.0.1 , no success .

@garnier-quentin
Copy link
Contributor

We dont use that module. we use the perl binding in the project: https://github.com/net-snmp/net-snmp

@sdouce
Copy link
Author

sdouce commented Mar 3, 2023

Ok i compiled it n and although the libraries are not the path it work !! I need to test through centreon check_command.

I also created the rpm's by rebuilding the spec file. But for the installation of this rpm, there are too many dependencies with centreon when i tried to update ...

@garnier-quentin
Copy link
Contributor

thanks for the feedback

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sdouce @garnier-quentin