Suggestion: Add AES-256 support

Started by Carlos

Carlos

Suggestion: Add AES-256 support   04 February 2020, 17:15

Hello,
I am looking for a product like your Port Mapper, but I need one that supports AES 256 for SNMPv3.

Also, when I tested with AES 128, it could retrieve switch info (name, uptime, location, contact, serial number), but failed to retrieve port info and MAC addresses. This was for a Cisco 2960X. In the command line version, I get some switch info and then:
On switch1 reading interfaces
On switch1 reading bridges
Division by zero
I see the GUI version has a MAC address database with the IP/switch/date/time, which is cool, but I don't know if it uses a real database to store the info and can be updated by the command line version (for example by having it run on a schedule to keep scanning the switches and update the database). We could then use the export to HTML feature to update a webpage on a server so users can do lookups.

And finally, is the MAC address database info that is shown in the GUI stored in a file and can it be updated (instead of flushed) after each run? Hopefully we can get the same database updates from the command line version so we can schedule it to run at regular intervals. We would like to have a historical view of all the MAC addresses (and associated IPs, switch ports, etc) seen in our network with the first time seen and the last time seen fields. We need the database so we can integrate it with our cabling information (switch port to desk port mapping) to identify the last office location of a particular IP. We do this manually now and need to automate the process. Your tool seems to almost provide us what we need.
SoftPerfect Support forum - Ann avatar image
Ann

Re: Suggestion: Add AES-256 support   05 February 2020, 12:49

Thank you for your feedback. We'll definitely consider your suggestion. As far as I understand, the official SNMP RFC only defines AES128, but it shouldn't be too hard to add AES192 and AES256; after all it's just a different key size.

Regarding the issue you had with Cisco 2960X. The division by zero error suggests something went wrong or unexpected data was received from the switch. It's probably the same reason why the GUI version did not display anything.

As to updating the database: the console version does not update it. It's completely standalone for using in scripts and doesn't use any configuration defined in GUI. There is a couple of ways to have an up-to-date database:
  • You could run the GUI on schedule as it takes the same command line arguments as the console version, and it will update the database each time it runs. The database is stored in a regular SQLite DB that you can read with your own tools or scripts.
  • Or you could use the console version, parse XML or JSON output, and place the data in your own database if you already have one.
SoftPerfect Support forum - Ann avatar image
Ann

Re: Suggestion: Add AES-256 support - Done   05 February 2020, 17:56

Update: we have fixed the "division by zero" issue and implemented AES-192 and AES-256 support (this is likely to work with Cisco devices only, since it's not a part of the standard). Until the next official release, you can download the latest build here.

SoftPerfect support forum

Sometimes you can find a solution faster if you try the forum search, have a look at the knowledge base, or check the software user manual to see if your question has already been answered.

Our forum rules are simple:

  • Be polite.
  • Do not spam.
  • Write in English. If possible, check your spelling and grammar.

Author:

Subject

A brief and informative title for your message, approximately 4–8 words:

     

Spam prevention: please enter the following code in the input field below.

 **     **  **    **        **  ********   **    ** 
 **     **  ***   **        **  **     **  ***   ** 
 **     **  ****  **        **  **     **  ****  ** 
 *********  ** ** **        **  **     **  ** ** ** 
 **     **  **  ****  **    **  **     **  **  **** 
 **     **  **   ***  **    **  **     **  **   *** 
 **     **  **    **   ******   ********   **    ** 

Message: