08-25-2009 12:10 AM
We've enabled SNMP authentication traps on our managed devices. In DFM we do see incoming traps but not able to display the source of the SNMP packet. Is it possible to modify DFM to show the source device initiating the SNMP query?
08-25-2009 07:59 AM
There is no supported way to modify DFM to show the manager source for the authFail. However, a patch exists from TAC to add support for the Cisco-specific authFail trap. DFM will then show the source address.
08-27-2009 05:09 AM
Thanks! FYI this patch is included in DFM 3.2.0 (LMS 3.2) After upgrading we do so the actual IP address of the unauthenticated source. However, I'm still surpised that the log on my SNMP access-list doesn't show any hits and the source ip
08-27-2009 08:56 AM
No, you wouldn't because the SNMP access-lists are tied to community strings. If the host polls with the wrong community string, an authFail will be generated, but an ACL hit will not occur.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide