cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
481
Views
0
Helpful
3
Replies

DFM SNMP Authentication Trap Failures (source)

vergeerf
Level 1
Level 1

We've enabled SNMP authentication traps on our managed devices. In DFM we do see incoming traps but not able to display the source of the SNMP packet. Is it possible to modify DFM to show the source device initiating the SNMP query?

3 Replies 3

Joe Clarke
Cisco Employee
Cisco Employee

There is no supported way to modify DFM to show the manager source for the authFail. However, a patch exists from TAC to add support for the Cisco-specific authFail trap. DFM will then show the source address.

Thanks! FYI this patch is included in DFM 3.2.0 (LMS 3.2) After upgrading we do so the actual IP address of the unauthenticated source. However, I'm still surpised that the log on my SNMP access-list doesn't show any hits and the source ip

No, you wouldn't because the SNMP access-lists are tied to community strings. If the host polls with the wrong community string, an authFail will be generated, but an ACL hit will not occur.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: