Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

DFM SNMP Authentication Trap Failures (source)

We've enabled SNMP authentication traps on our managed devices. In DFM we do see incoming traps but not able to display the source of the SNMP packet. Is it possible to modify DFM to show the source device initiating the SNMP query?

3 REPLIES
Cisco Employee

Re: DFM SNMP Authentication Trap Failures (source)

There is no supported way to modify DFM to show the manager source for the authFail. However, a patch exists from TAC to add support for the Cisco-specific authFail trap. DFM will then show the source address.

New Member

Re: DFM SNMP Authentication Trap Failures (source)

Thanks! FYI this patch is included in DFM 3.2.0 (LMS 3.2) After upgrading we do so the actual IP address of the unauthenticated source. However, I'm still surpised that the log on my SNMP access-list doesn't show any hits and the source ip

Cisco Employee

Re: DFM SNMP Authentication Trap Failures (source)

No, you wouldn't because the SNMP access-lists are tied to community strings. If the host polls with the wrong community string, an authFail will be generated, but an ACL hit will not occur.

144
Views
0
Helpful
3
Replies
CreatePlease to create content