Problem with SNMP and Cisco Prime LAN Management Solution Version 4.1

Unanswered Question
Jan 3rd, 2012

We use Cisco Prime LAN Management Solution Version 4.1 to maintain and monitor our 1000 Switches.

In addition to this, we use Kiwi-Syslog.

Now I have a problem I can not find out. 2 of the switch (WS-C3750G-48PS-S) reports that the CW has tried to log on, but they were rejected because of error "Authentication failure"

The strange thing is that it pops up an error message with only seconds. I have checked the layout of the CW multiple times and run Device Credential Verification. Everything looks OK, but the error messages continue to flow on.

The last thing I did was to remove the Switch from CW, but it did not help either. CW is still trying to log on from
The error message I get is:

01-03-2012          12:22:49          Local7.Debug          community=xxxxx, enterprise=, enterprise_mib_name=snmpTraps, uptime=637958643, agent_ip=, generic_num=4, specificTrap_num=0, specificTrap_name=snmpTraps.0, version=Ver1, generic_name="Authentication failure", authAddr.0=,,

(I have changed the string with xxxx, but has assured me that it is correct)

I also have removed all references to the ACL lists and Both switches are running Version 12.2 (55) SE4

Anybody have a  good advice?


I enclose a printout from Sh SNMP

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marvin Rhoads Tue, 01/03/2012 - 06:10

You're not running SNMP v3 by any chance are you? Tue, 01/03/2012 - 06:28

Hi Marvin

Hi Marvin

No, not that I know of , except that I have activated something by mistake


. Wed, 01/04/2012 - 23:48

OK, Guys .. maybe a little difficult this issue, but does anyone have an idea of what it is CiscoWorks are doing when it asks Switchas often as 6 times per minute. Is there a log file I can check.

Thank you in advance for your help.


Marvin Rhoads Thu, 01/05/2012 - 05:51

During an acquisition discovery it would not be unusual to see snmp get / getnext walking through a device's MIB table. You can always use a packet capture tool on the CiscoWorks servers filtered to just the queried device in question and examine the requests.

Outside of the discovery process I would not expect to see that volume of queries unless an operator was performing specific actions on a device using CiscoWorks, Sun, 01/15/2012 - 13:31


Now I have analyzed the SNMP traffic with wireshark. It turns out that the CiscoWorkssend correct SNMP string, but it adds an @100 (xxxx@100).

I do not know how or where it happens. All tests on Credential Verification from CW says OK.

Hope some of you experts can tell what is wrong and how I can fix this up

I attach a picture from wireshark

Regards Jens

Norwegian Public Roads Administration, Norway


Login or Register to take actions

This Discussion

Posted January 3, 2012 at 5:57 AM
Replies:5 Overall Rating:
Views:1927 Votes:0
Categories: Cisco Prime

Related Content


Discussions Leaderboard

Rank Username Points
Marvin Rhoads
Martin Ermel
Michel Hegeraat
Rank Username Points
Marvin Rhoads
Nader Zamanzadeh
Toivo Voll
Scott Fella