0

Currently I am developing an C# console application using .NET 4.5 to set some configuration values of the access point. This access point is in my local network. Further I am using SnmpSharpNet library to make SNMP requests. To make the SNMP requests I used SNMP version 2.

The problem is that I can't do SET request to the access point and it always responds with "no-access" (error code 6). But I can do GET request without a problem. I checked the MIB file as well and the variable which I am going to change also has read-write access.

This is the code I wrote.

private static LogFile log;
private static SnmpV2Packet response;
private static UdpTarget target;

static void Main(string[] args)
{
    try
    {
        log = new LogFile(args[0]);
        target = new UdpTarget((IPAddress)new IpAddress("<host address>"));

        Pdu pdu = new Pdu();
        pdu.Type = PduType.Set;
        pdu.VbList.Add(new Oid("1.3.6.1.4.1.2356.11.2.88.2.0"), new Integer32(1111));

        AgentParameters aparam = new AgentParameters(SnmpVersion.Ver2, new OctetString("public"));

        response = (SnmpV2Packet)target.Request(pdu, aparam);

    }
    catch (Exception ex)
    {
        log.LogError("Request failed with the exception " + ex, "Main");
        target.Close();
        return;
    }

    if (response == null)
    {
        log.LogError("Error in SNMP request", "Main");
    }
    else
    {
        //If an incorrect response
        if (response.Pdu.ErrorStatus != 0)
        {
            log.LogError("SNMP agent returned error status " + response.Pdu.ErrorStatus, "Main");
        }
        //If a successful response
        else
        {
            log.LogInfo("Value of the " + response.Pdu[0].Oid.ToString() + "changed to " + response.Pdu[0].Value.ToString(), "Main");
        }
    }

    target.Close();
    log.CloseLogFile();
}

This is the part related to the variable in the MIB file

-- {SCALAR} 1.3.6.1.4.1.2356.11.2.88.2
lcsSetupWirelessEpaperPort OBJECT-TYPE
    SYNTAX     Integer32 (0..65535)
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
            "-- empty --"
    ::= { lcsSetupWirelessEpaper 2 }

I tired same using Net-SNMP on the command line also. but the result was same.

Can someone please tell me what would be the issue and what I is the point I am missing here.

Thank you.

diyath.nelaka
  • 163
  • 12

1 Answers1

0

A "no-access" (SNMP error code 6) could also indicate that SNMP community you are using ( I'm guessing it's "public" ) does not have write access. A monitoring system, for instance, should be able to read (GET) certain values, but not write (SET) them. From a security point-of-view, it is desirable to use a SNMP community that only has read access in this case.

Check the SNMP community configuration of your AP, to make sure it has write access. I would suggest adding a new community with write access, rather than changing access for "public".

L. O. van Ingen
  • 210
  • 1
  • 10
  • yes that was the issue. public community only has the read only access to the AP. Thanks. – diyath.nelaka Mar 16 '17 at 12:00
  • I tried this again using "private" community string instead of "public" with the same SNMP version (SNMP version 2). but then it always gives "Request has reached maximum retries" error message. the AP I'm going to connect requests a user name and password when connecting to the AP's web portal. So do I need to provide those user name and password while doing the SNMP request ? If so can you please say how ? I tried using SNMP version 3 also with the user name and password. but during the "discovery method" which uses in SNMP version 3, it gives same retry count error as earlier. – diyath.nelaka Mar 17 '17 at 05:57
  • I'm not sure, but somehow the snmpget-request appears to timeout and after a set amount of timeouts [mentioned here...](http://snmpsharpnet.sourceforge.net/ver0-2-1024/class_snmp_sharp_net_1_1_target.html) you will get this error. Basically you're not receiving a response, not even one that contains an error message. There can be numerous reasons for that; but assuming you have ruled out network issues (ACL/firewalls) blocking the traffic, it might also be possible that the "private" community is present in the AP, but not active yet. – L. O. van Ingen Mar 17 '17 at 07:59