Someone has been messing with this besides you.
The lines in snmpd.conf are added at NetView install time, and matching ones are
added in snmpd.peers and neither set of entries should have been touched by the
uninitiated. "SMUX" stand for "snmpd multiplexed" which is a way to have
multiple agents. snmpd is the primary and he needs an entry in snmpd.conf which
tells him who his peers are and what MIB variable is the start of their tree.
Each peer needs a matching entry in the snmpd.peers file. When the peer comes up
he uses what is in the snmpd.peers file to open a session with snmpd. snmpd in
turn verifies the connection with the entry in his snmpd.conf file. If what the
peer uses trying to connect with doesn't match what is in the snmpd.conf file,
the session request is rejected with a badIdentity error. Clear enough?
mgragentd and trapgend are NetView daemons which are smux peers. Thus they
have entries in snmpd.peers and snmpd.conf, which should be left alone unless
these daemon are disabled by ovdelobj so that they cannot be started.
As shipped, snmpd.conf looks like this
smux .1.3.6.1.4.1.2.6.4.1 nv6000 #Tivoli NetView: trapgend
smux .1.3.6.1.4.1.2.6.4.6 nv6000 #Tivoli NetView: mgragentd
And snmpd.peers looks like this
trapgend .1.3.6.1.4.1.2.6.4.1 nv6000 #Tivoli NetView: trapgend
mgragentd .1.3.6.1.4.1.2.6.4.6 nv6000 #Tivoli NetView: mgragentd
In this case "nv6000" is the internal community string or password and it needs
to match.
James Shanks
Team Leader, Level 3 Support
Tivoli NetView for UNIX and NT
"Thomas Kunz" <t-kunz@admin.ndis.umn.edu> on 09/28/2000 01:35:33 PM
Please respond to IBM NetView Discussion <nv-l@tkg.com>
To: nv-l@tkg.com
cc: (bcc: James Shanks/Tivoli Systems)
Subject: Re: [NV-L] Authentication Problem
I turned on the snmpd debug.
Some additional info.
Luminere.pts.umn.edu is the Netview manager and it is an AIX system and
following is from the snmpd.log
160.94.1.196 is the IP address of luminere
I don't know what SMUX is and in the /etc/snmpd.conf I found these lines and I
don't know what it is trying to do here either but am wondering if this is the
source of the problem
smux 1.3.6.1.4.1.2.6.4.1 password # TME 10 NetView: trapgend
# not the real password
smux 1.3.6.1.4.1.2.6.4.6 password # TME 10 NetView: mgragentd
# not the real password
where is this password referenced?
what does the badIdentity refer to?
09/28/00 00:30:24 NOTICE: SMUX packet from (160.94.1.196+47655+4)
{
simple {
version 0,
identity 0.0,
description "NSGS",
password ""
}
}
09/28/00 00:30:24 EXCEPTIONS: simpleOpen rejected (badIdentity): 0.0 (SMUX
160.94.1.196+47655+4)
09/28/00 00:30:24 TRACE:
{
version 0,
community "public",
data {
trap {
enterprise risc6000snmpd.3,
agent-addr 'a05e01c4'H,
generic-trap 4,
specific-trap 0,
time-stamp 2431973,
variable-bindings {}
}
}
}
09/28/00 00:30:24 DEBUG: sending 48 bytes to 127.0.0.1
09/28/00 00:30:24 PDUS:
30 2e 02 01 00 04 06 70 75 62 6c 69 63 a4 21 06
0c 2b 06 01 04 01 02 03 01 02 01 01 03 40 04 a0
5e 01 c4 02 01 04 02 01 00 43 03 25 1b e5 30 00
09/28/00 00:30:24 DEBUG: sent trap (authenticationFailure) to 127.0.0.1
Thanks and have a great day! :-)
Tom Kunz
OIT/PTS Network & AIX Systems Support
University of Minnesota
1300 S. 2nd St.
Mpls., MN. 55454-1083
Suite 660
Phone: 612-624-8086
Fax: 612-626-1332
Email: t-kunz@cafe.tc.umn.edu
>>> lclark@us.ibm.com 09/27/00 01:52PM >>>
Some management system somewhere is polling luminere.pts.umn.edu
with an incorrect community, and luminere.pts.umn.edu has its trap
destination
set to the Netview box, so it reports it to you. Is it the Netview box
itself doing that poll?
Test this by doing a demand poll on the node. If you get a whole bunch more
of the same
traps, then it is you. If not, it is someone else. Perhaps you have another
Netview,
or an Openview system on the network? Netview for NT has a nice, regular
daily configuration poll that by default goes off at that time of day. Do
you have
one of those? The daily config poll on Unix is less regular, but could by
chance have
become set to that time. The numbers in front of the trap are a unix form
of timestamp,
I think.
If lumiere is an AIX box, you can turn on debug in its /etc/snmpd.conf
(raise it by one
or 2 levels) and check the snmpd.log (its location is specified in the same
file) to
see what community string it is getting that it does not like. That may
give you a clue
as to who is doing the polling.
Cordially,
Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
Detroit
"Thomas Kunz" <t-kunz@admin.ndis.umn.edu>@tkg.com on 09/27/2000 01:51:44 PM
Please respond to IBM NetView Discussion <nv-l@tkg.com>
Sent by: owner-nv-l@tkg.com
To: <nv-l@tkg.com>
cc:
Subject: [NV-L] Authentication Problem
Hello
We have NetView 5.1.2, AIX 4.3.1 and Framework 3.6.1.
Every day at 12:30 A.M. we get the following error message in trapd.log.
How can I find out where it is coming from?
Also what do the numbers at the front of the message mean?
970032625 4 Wed Sep 27 00:30:25 2000 luminere.pts.umn.edu A IBM
Incorrect Community Name (authenticationFailure Trap)
Thanks in advance.
Thanks and have a great day! :-)
Tom Kunz
OIT/PTS Network & AIX Systems Support
University of Minnesota
1300 S. 2nd St.
Mpls., MN. 55454-1083
Suite 660
Phone: 612-624-8086
Fax: 612-626-1332
Email: t-kunz@cafe.tc.umn.edu
**************************************************************************
This e-mail and its attachments have been scanned for viruses.
NDIS/ADCS University of Minnesota
**************************************************************************
_________________________________________________________________________
NV-L List information and Archives: http://www.tkg.com/nv-l
_________________________________________________________________________
NV-L List information and Archives: http://www.tkg.com/nv-l
_________________________________________________________________________
NV-L List information and Archives: http://www.tkg.com/nv-l
|