cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3238
Views
0
Helpful
5
Replies

SNMP Authentication Failure

Manoj Wadhwa
Level 1
Level 1

Hi,

One one of my routers, i get the below log error.

Aug 21 19:55:40.053 CHN: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host A.B.C.D

Aug 21 20:00:56.987 CHN: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host A.B.C.D

The SNMP config is as below.

snmp-server community XXXXXXXXXXXXXXX RO 80

snmp-server community XXXXXXXXXXXXXXXX RW 81

snmp-server trap-source Loopback10

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps config

snmp-server enable traps bgp

snmp-server enable traps syslog

snmp-server host A.B.C.D XXXXXXXXXXXXXXXXxx snmp

I have verified that the SNMP strings configured on our Cisco works is fine. Also the backup for this device is success every week. Not sure why i still receive this error. Your assistance is highly appreciated.

Regards,

Manoj

5 Replies 5

purohit_810
Level 5
Level 5

Hi Manoj,

%SNMP-3-AUTHFAIL : Authentication failure for SNMP req from host [dec].[dec].[dec].[dec]

Explanation An SNMP request was sent by the host at the address [dec].[dec].[dec].[dec], but the request PDU was not properly authenticated.

Recommended Action Make sure that the community and user name that are used in the SNMP request from the remote host have been configured on the router

____________________________________________

You have used 80 and 81 that are Access-lists, can you verify access-list are there or not????????

If not.. Please put below two access-lists:

access-list 80 permit source [source wildcard]

access-list 81 permit source [source wildcard]

Regards,

Dharmesh

purohit_810
Level 5
Level 5

snmp-server host A.B.C.D XXXXXXXXXXXXXXXXxx snmp

snmp-server community XXXXXXXXXXXXXXX RO 80

""""" Note: XXXXXXXXXXXX mean keys must be match.""" case sensitive.

Regards,

Dharmesh Purohit

David Stanford
Cisco Employee
Cisco Employee

Most likely an NMS is polling with an incorrect comm string. You could add the acl previously mentioned to block it, also could enable snmp debugs to get more specifics on what is being polled and from where to see who might be doing this

Try to use a freeware like GETIF & getting SNMP data from the Router.

before that include the PC address on which you are installing into the ACl

Is there any NAt deviced between the Router & the Poller ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco