Details
-
Bug
-
Resolution: Fixed
-
Medium
-
3.1.2, 3.1.4, 3.1.8, Mindville - Pre Bundled
-
11
-
Severity 3 - Minor
-
1
-
Description
Issue Summary
When the Discovery Tool (v.3.0.3.1) is used to scan SNMP devices given sufficient Credentials:
We see that if credentials are assigned to ALL Scan Settings or if multiple credentials are assigned to One Scan Setting - a device, once responds to a Ping will:
a. Be attempted login using Host credentials - false
b. attempted login by SNMP credentials - true
c. the Device will be scanned using the Deviceinfo Pattern execution. Some SNMP results are logged and the Pattern execution is finished successfully
d. more device credentials will be attempted, and fail to connect
e. the Scan Result Zip will have the Devices saved as Basic Hosts, showing "No Working Credentials" (REJECTED Status if imported)
Steps to Reproduce
- Setup the Discovery tool to scan an IP range of various SNMPv3 devices (e.g. Printers)
- Add some Host Credentials (e.g. Windows) and some SNMPv3 credentials (More than - all assigned to ALL Scan Settings
- Execute a scan and inspect the result zip / import into Insight
Expected Results
All devices are scanned with SNMPv3 credentials.
When imported into Insight - these show as Device Objects with the information gathered.
Actual Results
Devices are showing in the Scan Result XML as Basic Hosts with No Working Credentials.
If imported, Basic Hosts will be created, showing only basic information and the REJECTED Status.
In the discovery tool DEBUG log file:
24.08.2021 13:17:12 : Start Scan Thread: 00001 IP: 172.19.0.215 TaskID: 0000000570 24.08.2021 13:17:12 : Start getting HostInfo. 24.08.2021 13:17:12 : Start Scan: 172.19.0.215 24.08.2021 13:17:12 : Ping 172.19.0.215 --> Success ResponseTime=0ms TTL=63 24.08.2021 13:17:12 : We have 5 credentials in total. 24.08.2021 13:17:12 : 0 Known-Credentials found. 24.08.2021 13:17:12 : 0 credentials found. 24.08.2021 13:17:12 : No working credential for 172.19.0.215 24.08.2021 13:17:12 : Try getting basic information for 172.19.0.215 24.08.2021 13:17:12 : Getting Hostname: KxxxxC1F.ad.tab.lan 24.08.2021 13:17:12 : Total used scan time 0,1200097 seconds. 24.08.2021 13:17:12 : Finish scan for 172.19.0.215 24.08.2021 13:17:12 : Getting 1 HostInfo (RAW) 24.08.2021 13:17:12 : Start getting DeviceInfo. 24.08.2021 13:17:12 : We have 1 possible known credentials for the ip 172.19.0.215 24.08.2021 13:17:12 : Sending message request... 24.08.2021 13:17:12 : Processing 1 SNMP results. 24.08.2021 13:17:12 : Trying SNMP-Connection (SNMP_V3) (49ffa871-7533-4dc2-9fb4-ee7172bd929c) to 172.19.0.215 - used 0,014713 seconds - result: True 24.08.2021 13:17:12 : Connected to 172.19.0.215 with Device-Credential: 49ffa871-7533-4dc2-ee7172bd929c 24.08.2021 13:17:12 : Using pattern: SNMP_Deviceinfo_Default.pat (v3.3.0) 24.08.2021 13:17:12 : Sending message request... 24.08.2021 13:17:12 : Processing 5 SNMP results. 24.08.2021 13:17:12 : starting SNMP_Deviceinfo_Default.pat 24.08.2021 13:17:12 : Command: 1.3.6.1.2.1.1.3.0;1.3.6.1.2.1.1.4.0;1.3.6.1.2.1.1.5.0;1.3.6.1.2.1.1.6.0;1.3.6.1.4.1.2021.4.5.0 24.08.2021 13:17:12 : Result: 1.3.6.1.2.1.1.3.0: 6d 4h 49m 1.3.6.1.2.1.1.5.0: KxxxxF24.08.2021 13:17:12 : Command: 1.3.6.1.2.1.1.3.0;1.3.6.1.2.1.1.4.0;1.3.6.1.2.1.1.5.0;1.3.6.1.2.1.1.6.0;1.3.6.1.4.1.2021.4.5.0 24.08.2021 13:17:12 : Result: 1.3.6.1.2.1.1.3.0: 6d 4h 49m 1.3.6.1.2.1.1.5.0: KxxxxxF24.08.2021 13:17:12 : ending SNMP_Deviceinfo_Default.pat 24.08.2021 13:17:12 : pattern executed in 0,0112242 seconds 24.08.2021 13:17:12 : Getting Device information: KxxxxF 24.08.2021 13:17:12 : Using pattern: SNMP_Deviceinfo_Network.pat (v3.1.0) 24.08.2021 13:17:12 : Processing 22 SNMP results. 24.08.2021 13:17:12 : Processing 1 SNMP results. 24.08.2021 13:17:12 : starting SNMP_Deviceinfo_Network.pat 24.08.2021 13:17:12 : Command: 1.3.6.1.2.1.2.2.1; 1.3.6.1.2.1.4.20.1.2 24.08.2021 13:17:12 : Result: 1.3.6.1.2.1.2.2.1.1.1: 1 1.3.6.1.2.1.2.2.1.2.1: eth0 1.3.6.1.2.1.2.2.1.3.1: 6 1.3.6.1.2.1.2.2.1.4.1: 1500 1.3.6.1.2.1.2.2.1.5.1: 1000000000 1.3.6.1.2.1.2.2.1.6.1: 0017D1234C1F 1.3.6.1.2.1.2.2.1.7.1: 1 1.3.6.1.2.1.2.2.1.8.1: 1 1.3.6.1.2.1.2.2.1.10.1: 116292667 1.3.6.1.2.1.2.2.1.11.1: 1743460 1.3.6.1.2.1.2.2.1.12.1: 0 1.3.6.1.2.1.2.2.1.13.1: 0 1.3.6.1.2.1.2.2.1.14.1: 0 1.3.6.1.2.1.2.2.1.15.1: 0 1.3.6.1.2.1.2.2.1.16.1: 44532303 1.3.6.1.2.1.2.2.1.17.1: 129158 1.3.6.1.2.1.2.2.1.18.1: 0 1.3.6.1.2.1.2.2.1.19.1: 0 1.3.6.1.2.1.2.2.1.20.1: 0 1.3.6.1.2.1.2.2.1.21.1: 0 1.3.6.1.2.1.2.2.1.22.1: 0.0 1.3.6.1.2.1.4.20.1.2.172.19.0.215: 124.08.2021 13:17:12 : NIC ID: 1 24.08.2021 13:17:12 : MAC: 00:17:c8:nn:nn:nn 24.08.2021 13:17:12 : ending SNMP_Deviceinfo_Network.pat 24.08.2021 13:17:12 : pattern executed in 0,0717419 seconds 24.08.2021 13:17:12 : Total used scantime 0,1423774 seconds. 24.08.2021 13:17:12 : We have 3 credential(s) configured for all Scan-Settings. 24.08.2021 13:17:12 : Remove credential 49ffa871-7533-4dc2-ee7172bd929c as it was already tried as known credential. 24.08.2021 13:17:12 : We have 2 possible unknown credentials for the ip 172.19.0.215 24.08.2021 13:17:12 : Sending message request... 24.08.2021 13:17:12 : According to RFC 3414, send a second request to sync time... 24.08.2021 13:17:12 : Trying SNMP-Connection (SNMP_V3) (3eaf43bb-3396-4882-335b7fbe9bd9) to 172.19.0.215 - used 0,0114152 seconds - result: False 24.08.2021 13:17:12 : Total used scantime 0,0121695 seconds. 24.08.2021 13:17:12 : Sending message request... 24.08.2021 13:17:12 : According to RFC 3414, send a second request to sync time... 24.08.2021 13:17:12 : Trying SNMP-Connection (SNMP_V3) (df45cc5a-7c3c-48ff-e9c78cb76503) to 172.19.0.215 - used 0,0116106 seconds - result: False 24.08.2021 13:17:12 : Total used scantime 0,0122673 seconds. 24.08.2021 13:17:12 : Getting 0 DeviceInfo (RAW) 24.08.2021 13:17:12 : Start getting SNMP HostList. 24.08.2021 13:17:12 : We have 1 possible known credentials for the ip 172.19.0.215 24.08.2021 13:17:12 : Sending message request... 24.08.2021 13:17:12 : Processing 1 SNMP results. 24.08.2021 13:17:12 : Trying SNMP-Connection (SNMP_V3) (49ffa871-7533-4dc2-ee7172bd929c) to 172.19.0.215 - used 0,0029007 seconds - result: True 24.08.2021 13:17:12 : Connected to 172.19.0.215 with Device-Credential: 49ffa871-7533-4dc2-ee7172bd929c 24.08.2021 13:17:12 : Getting 0 SNMP Hosts (RAW) 24.08.2021 13:17:12 : Finished Scan Thread: 00001 IP: 172.19.0.215 TaskID: 0000000570
Workaround
Group Devices into Separate Scan Settings (IP addresses), based on their Credentials, e.g.:
Device 1,2,3 (IP range 192,168,0,1-3) in Scan Setting n
Device 4,5,6 (IP range 192,168,0,4-6) in Scan Setting m
Then assign One Credential per Scan Settings:
e.g. SNMPv3 credentials 1 to Scan Setting n
SNMPv3 credentials 1 to Scan Setting m