First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

protocol show as UDP instead of SNMP

  • retag add tags

I have a small pcap of an snmp v3 report then get for sysUpTime.0
I've added the right v3 username, encryption and privacy protocols and their respective passwords into the User Table under preferences->SNMP
I've added the path to the MIB directory.
But Wireshark doesn't appear to recognise the data as SNMP.
When I open the pcap, the Protocol column shows as UDP, not SNMP.
I tried right click -> decode as ... and looked for SNMP, in the list of Current values, but it isn't there.
I've uninstalled and reinstalled WS, I am on the latest version.
What am I doing wrong?

mikodell's avatar
1
mikodell
asked 2019-04-03 07:45:00 +0000
edit flag offensive 0 remove flag close merge delete

Comments

You may also get an answer faster if you provide a link to the packet capture (hosted on dropbox, gdrive, etc.).

Ross Jacobs's avatar Ross Jacobs (2019-04-03 13:56:04 +0000) edit
more
  • delete

I tried right click -> decode as ... and looked for SNMP, in the list of Current values, but it isn't there.

So you right clicked on a UDP packet, popped up "Decode As...", double-clicked the "Current" column in the new row, and clicked on the right-hand end of the item that showed up, and the scrollable list doesn't have SNMP but has other protocols?

Guy Harris's avatar Guy Harris (2019-04-03 21:15:35 +0000) edit
more
  • delete
add a comment see more comments

1 Answer

0

Check in the list of enabled protocols (Analyze | Enabled Protocols ...) that SNMP is enabled.

What port is your traffic on?

grahamb's avatar
23.8k
grahamb
answered 2019-04-03 09:31:51 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Thank you grahamb SNMP was the only protocol unchecked in Analzye->Enabled protocols 🤦‍♂️

mikodell's avatar mikodell (2019-04-04 00:31:35 +0000) edit
more
  • delete

@mikodell, Great, if an answer has solved your issue, please accept it so others will know that by checking the checkmark icon to the left pf the answer.

grahamb's avatar grahamb (2019-04-04 09:26:03 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer