| To: | nv-l@lists.us.ibm.com |
|---|---|
| Subject: | Re: [nv-l] Authentication Failure Trap Argument interpretation |
| From: | James Shanks <jshanks@us.ibm.com> |
| Date: | Wed, 22 Oct 2003 12:01:12 -0400 |
| Delivery-date: | Wed, 22 Oct 2003 17:09:54 +0100 |
| Envelope-to: | nv-l-archive@lists.skills-1st.co.uk |
| Reply-to: | nv-l@lists.us.ibm.com |
| Sender: | owner-nv-l-digest@lists.us.ibm.com |
|
Well, if that's the trap hex, it just says "OCTET STRING" (x04) and not "IP ADDRESS" (x40) 04 04 a2 83 26 3d means "octet string of 4 bytes" with that data. We would expect an IP Address to be 40 04 a2 83 26 3d I cannot answer why your other tools seem to know that this is meant as an IP Address. That's not what it says. James Shanks Level 3 Support for Tivoli NetView for UNIX and Windows Tivoli Software / IBM Software Group
Hi. We are running NV 7.1.3 on AIX. Some of our Cisco switches (and possibly routers), are sending us Authentication Failure traps. The problem is that Netview seems to be interpreting the second argument as an ASCII character string, rather than 4 hex values. Therefore, in the trap that gets displayed in Netview and processed, the second argument shows up as some strange characters, rather than a IP address. For what it's worth, Sniffer and Ethereal also interpret it this way. However, in the reading I've done, I don't see that Cisco is doing anything wrong when they format this trap. Perhaps I've missed something. Any help is appreciated. Here is an example: User Datagram Protocol, Src Port: 49608 (49608), Dst Port: snmptrap (162) Source port: 49608 (49608) Destination port: snmptrap (162) Length: 96 Checksum: 0xd4b0 (correct) Simple Network Management Protocol Version: 1 (0) Community: public PDU type: TRAP-V1 (4) Enterprise: 1.3.6.1.4.1.9.5.51 (iso.3.6.1.4.1.9.5.51) Agent address: risgrandisland1ne-sw5.net.principal.com (172.25.117.133) Trap type: AUTHENTICATION FAILED (4) Specific trap type: 0 Timestamp: 34124361 Object identifier 1: 1.3.6.1.4.1.9.9.131.1.5.2.0 (iso.3.6.1.4.1.9.9.131.1.5.2.0) Value: INTEGER: 1 Object identifier 2: 1.3.6.1.4.1.9.9.131.1.5.3.0 (iso.3.6.1.4.1.9.9.131.1.5.3.0) Value: STRING: "¢f&=" 0000 00 06 29 6c c3 1a 00 05 5e 45 4b 02 08 00 45 00 ..)l....^EK...E. 0010 00 74 4d 66 00 00 19 11 69 b4 ac 19 75 85 a2 83 .tMf....i...u... 0020 26 3d c1 c8 00 a2 00 60 d4 b0 30 56 02 01 00 04 &=.....`..0V.... 0030 06 70 75 62 6c 69 63 a4 49 06 08 2b 06 01 04 01 .public.I..+.... 0040 09 05 33 40 04 ac 19 75 85 02 01 04 02 01 00 43 ..3@...u.......C 0050 04 02 08 b2 49 30 2b 30 12 06 0d 2b 06 01 04 01 ....I0+0...+.... 0060 09 09 81 03 01 05 02 00 02 01 01 30 15 06 0d 2b ...........0...+ 0070 06 01 04 01 09 09 81 03 01 05 03 00 04 04 a2 83 ................ 0080 26 3d &= Thanks, Craig |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [nv-l] Authentication Failure Trap Argument interpretation, Treptow, Craig |
|---|---|
| Next by Date: | Re: [nv-l] netview server, Jane Curry |
| Previous by Thread: | [nv-l] Authentication Failure Trap Argument interpretation, Treptow, Craig |
| Next by Thread: | Re: [nv-l] Authentication Failure Trap Argument interpretation, Joe Fernandez |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
Archive operated by Skills 1st Ltd
See also: The NetView Web