Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Inform - Not in Windows of Trust using AuthPriv #126

Open
MGough opened this issue Jan 14, 2018 · 4 comments
Open

Inform - Not in Windows of Trust using AuthPriv #126

MGough opened this issue Jan 14, 2018 · 4 comments

Comments

@MGough
Copy link

MGough commented Jan 14, 2018

I'm trying to send an inform over SNMPv3 using MD5 and DES. I've tried using alternative privacy and authentication protocols and had no luck. Using no auth and no priv works. My code is very similar to this example snippet except it is also using a privacy protocol.
Both this Notification originator and receiver are running PySNMP 4.4.4 on different hosts.

The error logged by the Notification Receiver appears to me to be:
NotInTimeWindow('SNMP message timing parameters not in windows of trust',)

Am I missing something that is likely to cause this? I notice that the URL of the snippet linked above includesv3arch, is this outdated?

@MGough
Copy link
Author

MGough commented Jan 15, 2018

I'm pretty sure I have an issue with either securityName or the authoritative engine ID. I have a higher level code snippet working with demo.snmplabs.com so will try to recreate this at the level that I need and update if I continue to have problems or find a solution.

@etingof
Copy link
Owner

etingof commented Jan 16, 2018

Does your smaller script work on Linux?

Does the original script work for you? It works on my Mac against demo.snmplabs.com, just checked.

Make sure you are running the latest released pysnmp.

Make sure you the clock wall on these machines behave normally. The exact time synchronization is not required with SNMP, though time should flow smoothly, no abrupt jumps here and there.

@MGough
Copy link
Author

MGough commented Jan 16, 2018

Hi Ilya, thanks for your suggestions and your time. The issue is most likely, as expected, my knowledge of SNMP.

The script with only MD5 and no privacy works for me just fine. I've been working on debugging this and I'm pretty sure the issue is due to having engine IDs incorrectly specified manually as I now have a higher level script working using the sendNotification method with authentication and privacy. I see now that there is working autodiscovery of the correct engine IDs which I should've found by running the example.

The error displaying as NotInTimeWindow('SNMP message timing parameters not in windows of trust',) rather than being related to the engine IDs was what threw me. I will try and apply my new knowledge to my previous approach and hopefully that should resolve the issue.

@MGough
Copy link
Author

MGough commented Jan 17, 2018

I can confirm the issue was due to the engine IDs which I had set. Feel free to close this issue, although it may be worth in future looking into improving the error message displayed in this scenario?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants