We are receiving a large number of SNMP authentication failure traps from several routers. The odd thing is the "authAddr" variable that should contain the ip of the host that tried accessing the router with a bad community string shows "0.0.0.0".
Has anyone else experienced this?
Here is an example:
"1025198183 3 Thu Jun 27 13:16:23 2002 router-hostname A authenticationFailure trap received from enterprise cisco with 1 arguments: authAddr=0.0.0.0"
Thanks
Chris
|