Solved: Re: Authentication failure for SNMP req from host

Mark Bracking · ‎09-17-2010

I geeting the following error message "1d10h: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host x.x.x.x"

can someone please tell me what I don;t have configured correct.

Building configuration...

Current configuration : 1192 bytes

!

version 12.2

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname 3640_2_2

!

ip subnet-zero

!

fax interface-type fax-mail

mta receive maximum-recipients 0

!

interface Ethernet0/0

ip address x.x.x.x 255.255.255.0

half-duplex

!

interface Ethernet0/1

no ip address

shutdown

half-duplex

!

interface Serial1/0

no ip address

shutdown

serial restart_delay 0

!

interface Serial1/1

no ip address

shutdown

serial restart_delay 0

!

interface Serial1/2

no ip address

shutdown

serial restart_delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart_delay 0

!

ip classless

ip http server

ip pim bidir-enable

!

access-list 1 permit x.x.x.x

!

snmp-server community your_community RW

call rsvp-sync

!

voice-port 3/0/0

!

voice-port 3/0/1

!

voice-port 3/1/0

!

voice-port 3/1/1

!

mgcp profile default

!

dial-peer cor custom

!

call-manager-fallback

transfer-pattern 52540

call-forward busy 50..

call-forward noan 5005 timeout 10

!

line con 0

logging synchronous

line aux 0

password tdd

logging synchronous

login

line vty 0 4

password todd

logging synchronous

login

!

End

thank you

Mark

Joe Clarke · ‎09-18-2010

This looks okay. An authFail indicates that someone is polling this device with the wrong community string. Check x.x.x.x to make sure there aren't any applications polling this device with wrong credentials.

Something else to note is that you should not be using '@' in your community strings. While this shouldn't really matter for routers, it's a good rule of thumb not to use '@' on Cisco devices as that character is reserved for community string indexing.

View solution in original post

Joe Clarke · ‎09-18-2010

This looks okay. An authFail indicates that someone is polling this device with the wrong community string. Check x.x.x.x to make sure there aren't any applications polling this device with wrong credentials.

Something else to note is that you should not be using '@' in your community strings. While this shouldn't really matter for routers, it's a good rule of thumb not to use '@' on Cisco devices as that character is reserved for community string indexing.

Recto Orpia · ‎08-02-2019

I'm getting similar issue on my Nexus devices.

So there was a storage server that is polls the devices even without the SNMP configurations on the Nexus device with below errors,

%SNMPD-3-ERROR: SNMP log error : snmp Auth fail:bad community name from host <x.x.x.x>

%SNMPD-3-ERROR: SNMP log error : snmp Auth fail:bad community name

Tried to configure properly the SNMP on the box with the matching SNMP strings but still getting similar errors.

I have the below configurations:

ACL_TEST:

7 permit udp x.x.x.x/32 any eq snmp [match=0]

snmp-server host x.x.x.x traps version 2c <community_string>
snmp-server host x.x.x.x use-vrf default

snmp-server community <community_string> use-acl <ACL_TEST>

snmp-server community <community_string> group network-operator

Any thoughts is much appreciated!