While everything works by default on SNMPv2, new commands need to be added to Cisco switches when using SNMPv3 to expose per VLAN values for the MIB which UDT polls. Information on why this is needed can be found here.
All UDT versions
According to Cisco, SNMPv2 and SNMPv3 work quite differently when polling BRIDGE-MIB which contains these layer 2 values.
Do the following steps to resolve this issue:
1. If there are devices, for example, on VLANs 3, 10, and 41 on a certain switch, the following commands need to be added:
Another option for a command is to use the following:
This second command is only accepted on some Cisco devices, but it indicates to the device to match the context up to any vlan that starts with vlan-.
2. Depending on the configuration, the views to these commands may also need to be appended like the following:
Snmp-server group YourGroupName v3 priv context vlan-3 read YourViewName
Snmp-server group YourGroupName v3 priv context vlan-10 read YourViewName
Snmp-server group YourGroupName v3 priv context vlan-41 read YourViewName
3. If the customer has access lists configured that they want to apply to the authorization, then you simple add at the end the access switch with the ACL number you need
Note: According to Cisco, there is no single command that will expose all existing VLANs, but a match prefix can come close to it. As these commands are added, layer 2 data should start to appear while still polling via SNMPv3.
For more information, see the following links:
SNMP v3 Query for Profiling in the Cisco website.
Problems with Switch Port Mapper and SNMPv3? article in Thwack.