08-21-2007 04:18 AM - edited 03-03-2019 06:24 PM
Hi,
One one of my routers, i get the below log error.
Aug 21 19:55:40.053 CHN: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host A.B.C.D
Aug 21 20:00:56.987 CHN: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host A.B.C.D
The SNMP config is as below.
snmp-server community XXXXXXXXXXXXXXX RO 80
snmp-server community XXXXXXXXXXXXXXXX RW 81
snmp-server trap-source Loopback10
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps config
snmp-server enable traps bgp
snmp-server enable traps syslog
snmp-server host A.B.C.D XXXXXXXXXXXXXXXXxx snmp
I have verified that the SNMP strings configured on our Cisco works is fine. Also the backup for this device is success every week. Not sure why i still receive this error. Your assistance is highly appreciated.
Regards,
Manoj
08-21-2007 04:53 AM
Hi Manoj,
%SNMP-3-AUTHFAIL : Authentication failure for SNMP req from host [dec].[dec].[dec].[dec]
Explanation An SNMP request was sent by the host at the address [dec].[dec].[dec].[dec], but the request PDU was not properly authenticated.
Recommended Action Make sure that the community and user name that are used in the SNMP request from the remote host have been configured on the router
____________________________________________
You have used 80 and 81 that are Access-lists, can you verify access-list are there or not????????
If not.. Please put below two access-lists:
access-list 80 permit source [source wildcard]
access-list 81 permit source [source wildcard]
Regards,
Dharmesh
08-21-2007 05:19 AM
snmp-server host A.B.C.D XXXXXXXXXXXXXXXXxx snmp
snmp-server community XXXXXXXXXXXXXXX RO 80
""""" Note: XXXXXXXXXXXX mean keys must be match.""" case sensitive.
Regards,
Dharmesh Purohit
08-21-2007 06:47 PM
Most likely an NMS is polling with an incorrect comm string. You could add the acl previously mentioned to block it, also could enable snmp debugs to get more specifics on what is being polled and from where to see who might be doing this
08-22-2007 05:53 AM
Try to use a freeware like GETIF & getting SNMP data from the Router.
before that include the PC address on which you are installing into the ACl
08-22-2007 05:54 AM
Is there any NAt deviced between the Router & the Poller ?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: