Summary
When you try to get information from the SNMP, the network interface “eth0” of InterSan Web Security Virtual Appliance (IWSVA) shows “0”:
[root@xxx2~]# snmpwalk -v2c -c Something 192.168.1.12 | grep ifSpeed
RFC1213-MIB::ifSpeed.1 = Gauge32: 10000000
RFC1213-MIB::ifSpeed.2 = Gauge32: 0
RFC1213-MIB::ifSpeed.1 = Gauge32: 10000000
RFC1213-MIB::ifSpeed.2 = Gauge32: 0
[root@xxx2 ~]# snmpwalk -v2c -c Something 192.168.1.12 | grep ifDescr
RFC1213-MIB::ifDescr.1 = STRING: "lo"
RFC1213-MIB::ifDescr.2 = STRING: "eth0"
RFC1213-MIB::ifDescr.1 = STRING: "lo"
RFC1213-MIB::ifDescr.2 = STRING: "eth0"
Details
This is a known issue in IWSVA.
The SNMP daemon uses ethtool to determine the speed of network interfaces. The network interface speed report shows incorrect information because the security SNMP daemon is being run as non-root user. The security risk of requiring SNMP daemon to run as root far outweighs the risk of denial-of-service.
If you want to get the correct IWSVA eth0 speed report, write the following information in static to the /etc/iscan/tmsnmpd.conf file:
interface eth0 6 1000000000
Restart the IWSVA service using “/usr/iwss/rcIwss restart” to reflect the change made.