- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-31-2020 09:35 AM
I am trying to run a quick discovery for a firewall device, I am getting " SNMP probe timed out. Target is either unreachable or there are no valid credentials for it. ", I tried checking the SNMP v3 test credentials and its getting validated , now I am not sure why i am getting this error, after this error is logged in the discovery logs I get "
| Target is blacklisted. No valid credential found for types [SSH Password,SSH Private Key] |
I am not able to validate the ssh credential, Not sure why I am getting the first log even i am able to validate the credentials and then why it is going for a ssh test , this is for a firewall device. ?
Solved! Go to Solution.
- Labels:
-
Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-31-2020 01:32 PM
In line with Lee's comment: port 22 is open, so discovery will try an SSH connection first. You would expect that to fail if your going after a firewall. After this, it is trying an SNMP connect, but this also fails.
According to your message, it is timing out/lacks valid credentials. A thing to check is to see if it is using v3 or maybe (other) v1/v2 credentials. If the v3 work, you might want to make sure those are getting used (check the payload from the input SNMP probe). Have you touched/set the mid.snmp.use_snmp_v3 parameter? It's "true" by default, and needs to be for SNMPv3 to be used.
If it's using the v3 credentials, and to Tim's point, you might need additional privileges on the network to talk to the firewall(s).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-31-2020 10:43 AM
If snmp fails, it will move on and try whatever other ports it knows about that are open.
When snmp fails, it's usually helpful to do a tcpdump and watch the traffic to see what the failure looks like.
Timeouts, credential failures, and version misconfigurations all look pretty darned similar on the instance but very different on the wire.
- Tim.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-01-2020 09:05 AM
but here my snmp is not failing , when I did a test credential to that IP via the midserver its validating
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-31-2020 10:47 AM
You can test the credentials under the actual credential. There is a test credential spot. We have been seeing a lot of timeout with SNMP and we have had to increase SNMP timeout on our mid servers.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-31-2020 11:07 AM
SSH is Tried because Port 22 is open
