the Cisco EPC3008, SNMP show only part of MIBs, mainly standard IETF MIBs, but private enterprises MIB entities are hidden.
Private MIBs are accessible for console commands, though. How to unhide these MIBs, to access them via standard SNMP, over UDP port?
Never heard of that before (I don't have EPC3008 though)
So you cant see them with a snmpwalk from your management station?:
snmpwalk -v2c -c $COMMUNITY $CM_IP enterprises
@mbowe I tested within my LAN use local IP address 192.168.100.1 (modem is not connected cable plant with private IP address range (10.x.x.x)
snmpwalk -v 2c -c public 192.168.100.1 iso.3.6.1
it it only returns 426 objects:
https://pastebin.com/B7TjwP4v
and completely missing private enterprise MIB tree, for example,
1.3.6.1.4.1.1429
1.3.6.1.4.1.4413
@kwesibrunee, when I try get an enterprise OID, it returns 'No Such Object available on this agent at this OID'
while these private enterprise MIBs are included in modem SNMP Agent, and they are accessible via snmp get/set when I connect to modem use CLI serial console interface.
Testing from LAN isn't going to work
Modem is probably hiding most values for security reasons (you wouldnt want an end-user snooping around in those private/vendor mibs)
Typically all SNMP is blocked from LAN. Perhaps OK to have some basic counters available there for end users who want to graph.
You need to plug the modem into cable network, and snmpwalk the CM IP. Then you should be able to get full access.
> Testing from LAN isn't going to work
is this behavior determined by some particular settings? Which?
what happens if you try and walk an enterprise OID do you get a no such object or do you get responses?
Could be two different things:
some private mibs are only meant to be set in a modem config file and reading of the value is denied
some modems, don't respond on the enterprise oids unless you start your walk on the root of the enterprise mibs, this was common way back when, but haven't seen that in a while
@mbowe yes, you're right, when modem is online snmpwalk show much more enterprise OIDs, but still not all. For example, many Broadcom enterprises OIDs for system configuration still are hidden. So its probably security feature. Also, some private OIDs that should be configurable, in fact, doesn't allow configuration:
saCmMtaCliAccessType.0 disable(0)
saCmMtaCliAccessInterface.0
saCmMtaCliAccessUsername.0
saCmMtaCliAccessPassword.0
How then these are configured?