I am receiving a loooot of e-mails alerts (60-70 alert per day) from the LMS notifications
The below alert is what i am receiving:
ALERT ID = 0000AWC
TIME = Tue 12-May-2009 16:19:45 EEST
STATUS = Active
SEVERITY = Critical
MANAGED OBJECT = 172.16.99.1
MANAGED OBJECT TYPE = Switches and Hubs
EVENT DESCRIPTION = 172.16.99.1: Authentication Failure:MinorAlarm; 172.16.99.1:Unresponsive;
CUSTOMER IDENTIFICATION = 1
CUSTOMER REVISION = 1
After searching in the forum and on cisco, i found that this error could be caused by some1 trying to access the switch using a wrong snmp community
So i created an access-list:
access-list 3 permit 192.168.100.1
access-list 3 deny any log
snmp-server community snmpcom RO 3
I made sure that the LMS IP(192.168.100.1) has the correct community configured. ( i did the self test).
The following day i kept receiving the same notifications, and there was no MATCHING on the deny IP any in the access-list,so that confused as i made sure that no one else is trying to access the router.
Can any one advise what could be done further to troubleshoot the problem??
Note that they have Dot1x configured globally on the switch:
logging size 500
but it is not configured under any physical interface