nv-l
[Top] [All Lists]

Re: [nv-l] Back on the authenticationFailure trail again

To: nv-l@lists.tivoli.com
Subject: Re: [nv-l] Back on the authenticationFailure trail again
From: Joe Fernandez <jfernand@kardinia.com>
Date: Thu, 03 Oct 2002 12:53:07 +1000
301 is a Catalyst 6000.
This OID should be resolved by the Cisco Products MIB that you loaded.

The trap is being sent by  a Cisco device, not an MLM, and the Cisco device
is identifying the system responsible for making the unauthenticated
request as your NetView server.   

The authentication failure definition that you quote is I think exactly
what James Shanks suggested in an earlier response. 
An agent is an SNMP entity that implements MIBs, responds to Get and Set
requests, and originates Traps. 

Are you able to browse the MIB tables in the Cisco devices that are sending
this trap, as you said previously? In any case if NetView is showing the
Cisco devices with the correct symbols it must be able to do SNMP Gets with
the correct  read community string. It still sounds like another
application on your server is responsible.

What is your MLM set up?

Do you have a packet analyzer that you can put on your NetView system -
SNMP v1 is not secure and the community string is transmitted in the clear
so you can check what community string is being sent out.


At 11:56 AM 2/10/2002 +0100, john.j.mackney@accenture.com wrote:
>I am using Solaris 8 and NetView 7.1.2
>
>The more nodes NetView discovers the authenticationFailure traps I receive.
>My events application is now totally snowed with authenticationFailure
>traps. The format of the traps are generally:
>
>"A authenticationFailure trap received from enterprise cisco with 1
>argument:  authAddr=ch-220r-mm-01"
>(where ch-220r-mm-01 is the DNS name of my NetView Server)
>and the oid sent back in the message is a cisco OID
>ENTERPRISE: cisco 1.3.6.1.4.1.9.1.301
>
>My theory is that NetView and my MLMs are somehow communicating with each
>other using invalid community names. However, I am sure that I have
>configured the Solaris snmpdx, mibiisa and the NetView midmand and mgragent
>ACL files correctly!
>
>I found this statement in the Unix configuration guide
>
>Authentication Failure:
>An authentication failure results when the community name, sent by a
>manager
>system to an agent, is not valid. When an agent receives a community name
>that is
>not valid, it can send an authentication failure trap to the Tivoli NetView
>program,
>which logs authentication failure traps in its event log,
>/usr/OV/log/ovevent.log.
>
>In the above statement - what is being referred to as the "agent". Is that
>MLM or any box with SNMP enabled?
>
>Can anyone help me track down what's happening?
>
>John
>
>
>This message is for the designated recipient only and may contain
>privileged, proprietary, or otherwise private information.  If you have
>received it in error, please notify the sender immediately and delete the
>original.  Any other use of the email by you is prohibited.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: nv-l-unsubscribe@lists.tivoli.com
>For additional commands, e-mail: nv-l-help@lists.tivoli.com
>
>*NOTE*
>This is not an Offical Tivoli Support forum. If you need immediate
>assistance from Tivoli please call the IBM Tivoli Software Group
>help line at 1-800-TIVOLI8(848-6548)
> 
Joe Fernandez
Kardinia Software
jfernand@kardinia.com

http://www.kardinia.com


<Prev in Thread] Current Thread [Next in Thread>

Archive operated by Skills 1st Ltd

See also: The NetView Web