Re: [nv-l] Authentication failure traps

2005-09-07 07:12:26
Subject: Re: [nv-l] Authentication failure traps
From: Gareth Holl <gholl AT us.ibm DOT com>
To: nv-l AT lists.us.ibm DOT com
Date: Wed, 7 Sep 2005 07:12:18 -0400

The authentication traps are most likely generated by devices in your network such as routers and your routers have been configured to send their traps to your NetView Server. Your routers are generating authentication traps because somebody is sending SNMP requests to it with the wrong community name. Unless the SNMP agents on the routers are smart enough to include the IP address (in the trap it sends to NetView) of the device trying to access your router, you won't be able to tell from a NetView perspective who is causing it.

You could try looking at the router's SNMP log....maybe your routers log that detail. Or you could try monitoring the SNMP traffic going into the router using iptrace or tcpdump or......


Gareth Holl
Advisory Software Engineer
Team Technical Lead

ITIL Foundations Certified
IBM Certified Deployment Professional
--Tivoli Data Warehouse v1.2
--Tivoli Enterprise Console v3.8 Network Management

IBM Software Group - Tivoli Software
Research Triangle Park,  North Carolina, USA.

"Anvaj A B" <anvaj.aliyarukutty AT ustri DOT com>
Sent by: owner-nv-l AT lists.us.ibm DOT com

09/07/2005 06:48 AM
Please respond to

<nv-l AT lists.us.ibm DOT com>
[nv-l] Authentication failure traps

Netview 7.1.4 on Win2K3
Is there any way we can identify the IP / Hostname of the device, which causes the snmp traps.
I can see the origin and find out the device it is generated, but not able to find from which IP is trying to access.
Is the Authentication failure traps are generated by the NMS (NetView itself)?
Best regards,

Anvaj Aliyarukutty

anvaj.aliyarukutty AT ustri DOT com

721, Nila
Technopark, Trivandrum
Tel: +91 471 233 5777 ext: 8653

Fax: +91 471 252 7276
Cell: +91 944 772 8103


<Prev in Thread] Current Thread [Next in Thread>