A network engineer notices that an SNMPv3 poll from the NMS to router R1 fails with an authentication error. The engineer has configured 'snmp-server group ADMIN v3 priv' and 'snmp-server user admin ADMIN v3 auth sha cisco123 priv aes 128 cisco456'. The NMS is configured with the same credentials. What is the most likely cause of the failure?
Trap 1: The SNMP user password must be at least 8 characters; 'cisco123' is…
Incorrect because SNMPv3 passwords do not have a minimum length of 12; 8 characters is acceptable for SHA.
Trap 2: The NMS is using SNMPv2c, which is incompatible with SNMPv3…
Incorrect because the symptom is an authentication error, not a version mismatch; version mismatch would show a different error.
Trap 3: The 'priv' keyword in the group definition should be 'auth' instead…
Incorrect because 'priv' in the group defines the security level; the user can have 'priv' even if the group is set to 'priv'.
- A
The SNMP group is missing the 'access' ACL that permits the NMS IP address.
Correct because SNMPv3 requires an access list on the group to allow the NMS; without it, the NMS is denied despite correct credentials.
- B
The SNMP user password must be at least 8 characters; 'cisco123' is only 8, but the hash algorithm requires a minimum of 12 characters.
Why wrong: Incorrect because SNMPv3 passwords do not have a minimum length of 12; 8 characters is acceptable for SHA.
- C
The NMS is using SNMPv2c, which is incompatible with SNMPv3 configuration.
Why wrong: Incorrect because the symptom is an authentication error, not a version mismatch; version mismatch would show a different error.
- D
The 'priv' keyword in the group definition should be 'auth' instead to match the user's authentication settings.
Why wrong: Incorrect because 'priv' in the group defines the security level; the user can have 'priv' even if the group is set to 'priv'.