Well something needs to be wrong somewhere. Have you tried restarting the switch? You might have a corrupt file, so you might need to delete the file p80c3717.img and then re-upload it to the switch.

You should see the 3DES file loaded from a ‘config info’ like so (this was run from a 5.1.2.0 software);

ERS-8610:6# config info

Sub-Context: clear config dump monitor mplsping mplstrace peer show switchover test trace wsm asfm sam
Current Context:

        load-encryption-module : 3DES File p80c5120.img
                       setdate : N/A
           mac-flap-time-limit : 500
            auto-recover-delay : 30

Good Luck!

Will you help me?
I’ve got a problem with the module on a passport 3DES 8010.
My image p80c37170.img, unable to load the software.

I can not load module 3DES.
In my logs I get the message:
SW ERROR Dynamic loading of 3DES encryption module failed, Module IS Already loaded.

I do not see the module to load when I type the command “config info” and when I run the SSH command he replied “no matching cipher found”.

All this worked well on other passport with the same software.

Do you have an answer to this problem?

Regards.

This is the first policy

sys access-policy policy 1 disable
sys access-policy policy 1 service ftp enable

I finally got the root cause of this issue. Someone changed the security name of community and that’s why the original community strings couldn’t match default groups for SNMPv1/v2.

Thanks for your kind help and advices.

That rule might be blocking you. I believe you can show the statistics of how many time each rule is fired or triggered although I can’t remember the command right now.

Cheers!

Thanks for your advices. I could access ERS8600 when I disabled the access policy and the global SNMP access is enabled from bootconfig flags. So, I am wondering what else I should setup for SNMP access with access policy.

Regards

If you disable the access policy can you access the switch via SNMP? This will help you determine if the problem is with the access policy or if the problem lies in your SNMP configuration.

You might want to make sure that someone hasn’t disabled SNMP globally from the bootconfig flags. You can check that by issuing a “show config bootconfig flags” command.

You might want to post the specific details of your problem over on the forums; http://forums.networkinfrastructure.info/nortel-ethernet-switching/

Good Luck!

I have a question about access policy for SNMP. The configuration below is the access policy on an ERS8600 and I also changed the default community to new one. But, I still can’t use SNMPv1/v2 to get data from ERS8600. Could you please let me know what I might miss ?

Thanks

sys access-policy policy 2 create
sys access-policy policy 2 accesslevel rwa
sys access-policy policy 2 name “mgmt access”
sys access-policy policy 2 precedence 1
sys access-policy policy 2 network 172.16.0.0/16
sys access-policy policy 2 service snmpv3 enable
sys access-policy policy 2 service telnet enable
sys access-policy policy 2 service tftp enable
sys access-policy policy 2 snmp-group-add readgrp snmpv1
sys access-policy policy 2 snmp-group-add readgrp snmpv2c
sys access-policy policy 2 snmp-group-add v1v2grp snmpv1
sys access-policy policy 2 snmp-group-add v1v2grp snmpv2c

Glad to hear you figured it out!

Cheers!