Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2336
Views
5
Helpful
3
Replies

Cryptic authentication failure message in PI

bart.t
Level 1
Level 1

‎02-26-2015 05:04 AM

We've a 8510 WLC (running 7.6.130.0) in HA setup, working fine.

However, in Prime Infrastructure (2.1) managing this 8510 I see the following error message/event a lot:

General Info
Failure Source <wlc_name>
Category Wireless Controller
Generated Thu Feb 26 2015 13:13:52 CET
Generated By Wired Switch
Device IP Address <wlc_ip>
Severity Minor

Messages
Device '<wlc_ip>'. Authentication failed for request from 'Unknown'.

 

Always three at a time (same contents), with sometimes 2 minutes and sometimes more then an hour between them.

Attached is a screenshot of one of those messages.

 

I checked the controller with a 'debug aaa events enable' but came up with nothing. Also both the RADIUS and TACACS+ log on the ACS, but no mention of anything failed.

 

I've no idea where to look. Any ideas?

2 people had this problem
Labels:
Preview file
34 KB
0 Helpful
3 Replies 3

Peter Wright
Level 1
Level 1

‎06-01-2015 09:35 PM

Ditto.

 

Have the same issue between Prime 2.2 and 5508 WLCs running 7.6.130.0

0 Helpful

theodoxa1
Level 1
Level 1
In response to Peter Wright

‎01-16-2016 10:18 AM

I'm having the same Alarm from my ASA. The strange thing is it doesn't show up in the Alarm Summary at the bottom right, but only when I bring up information for the ASA or view the network topology. I checked my logs from the ASA itself and no authentication failures were logged, only the usual constant (blocked) attempts to reach various common ports.

0 Helpful

William Mackey
Level 1
Level 1

‎07-12-2017 09:12 AM

I know this is an older thread, but its coming up as the first hit still in searches.

It is an SNMP authentication error. The endpoints sending the traffic to the Device are either misconfigured to send SNMP traps or the passwords are not correct.

From Cisco:

Device ''{}''. Authentication failed for request from ''{}''.

An authenticationFailure trap signifies that the SNMPv2 entity; acting in an agent role; has received a protocol message that is not properly authenticated.  While all implementations of the SNMPv2 must be capable of generating this trap; the snmpEnableAuthenTraps object indicates whether this trap will be generated.

You can turn off the trap on the reporting device or repair the end point sending the trap.

Hope that helps.

Reference spread sheet url

Preview file
87 KB
Customers Also Viewed These Support Documents