Got it

SNMP client cannot get the snmp reply packets

Latest reply: Dec 29, 2018 05:37:36 604 3 5 0 0

[Problem Description]

SNMP client cannot get the snmp reply packets

 

[Problem Analysis]

through  analyzed the configurationthere is an fault of the session reply SNMP

[Huawei-diagnose]dis nat session all

  NAT Session Table Information:

     Protocol          : UDP(17)

     SrcAddr  Port Vpn : 10.71.244.152   1701                                

     DestAddr Port Vpn : 111.35.80.130   1701                                

     NAT-Info

       New SrcAddr     : 10.71.244.152 

       New SrcPort     : 49151

       New DestAddr    : ----

       New DestPort    : ----

     Protocol          : UDP(17)

     SrcAddr  Port Vpn : 172.19.126.10   161                                 

     DestAddr Port Vpn : 192.168.100.10  55679                               

     NAT-Info

       New SrcAddr     : 10.1.1.146    

       New SrcPort     : 10969

       New DestAddr    : ----

       New DestPort    : ---

 

The reference link is below

http://support.huawei.com/hedex/hdx.do?lib=EDOC1000163884DEG08147&docid=EDOC1000163884&lang=en&v=06&tocLib=EDOC1000163884DEG08147&tocV=06&id=dc_cfg_NAT_0009_2&tocURL=resources%252fdc%252fdc%255fcfg%255fNAT%255f0009%255fcopy%255fto%252ehtml&p=t&fe=1&ui=3&keyword=nat&text=Configuring%25252BDynamic%25252B%2525253Cb%2525253ENAT%2525253C%2525252Fb%2525253E%25252BFiltering%25252Band%25252BDynamic%25252B%2525253Cb%2525253ENAT%2525253C%2525252Fb%2525253E%25252BMapping

 

[Root Cause] 

The nat policy of the SNMP session outbound port number been translated to other port value lead to the SNMP client cannot receive the reply packets 

 

[Solution Description]

Configure the ACL not to source port translate

acl number 3002 

 rule 4 deny udp source-port eq 161

This post was last edited by lizhi94 at 2018-12-29 03:46.
  • x
  • convention:

4am
Created Dec 29, 2018 03:05:29

Therefore, it is recommended that customers add ACLs to the planned networks.
View more
  • x
  • convention:

yjhd
Created Dec 29, 2018 03:17:34

  • x
  • convention:

Finn92
Created Dec 29, 2018 05:37:36

so this is NAT outbound configure wrong ,got it . thanks a lot .
View more
  • x
  • convention:

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.
Information Protection Guide
Thanks for using Huawei Enterprise Support Community! We will help you learn how we collect, use, store and share your personal information and the rights you have in accordance with Privacy Policy and User Agreement.