13 Replies Latest reply on Nov 7, 2013 11:01 AM by cahunt

    SNMP issue?


      Hi there,


      I've been having some trouble with SNMP queries to one switch recently.

      Every half hour I get two syslog entries, warning about authentication failures from my Orion host, I've tracked this down to the rediscover and topology polls.


      Revelant configs:

      Switch is a 3750E-24TD stack with 2 members.

      Relevant config snippet:

      access-list 50 permit orionhost

      access-list 50 deny   any log

      snmp-server community communitystring RO 50


      I've tested the credentials without any issues, the other polls (bandwidth usage gathering etc) are all running fine. I've removed the node and added it, which didn't help.

      The only change that's been made is the removal of a few unused VLAN's.


      Is this a bug? Or am I missing something?

        • Re: SNMP issue?

          Does the issue remain if you remove that ACL from the SNMP RO statement?

          1 of 1 people found this helpful
          • Re: SNMP issue?

            What is the error in the log you are getting?


            I think I saw something similar to this, and I think it is a bug in the IOS.


            You could try to restart the SNMP service on the router/switch:

            no snmp-server

            snmp-server community <removed> RO 1

            snmp-server community <removed> RW

              • Re: SNMP issue?

                They're all in this format:

                     542: 000544: CET: Authentication failure for SNMP req from host IP address


                I've restarted the SNMP service as you asked, I'll update this post with results

                Unfortunately, restarting the service did not help, still getting the messages.

              • Re: SNMP issue?

                you dont have a @ symbol in the community dtring do you?


                just need number and letters and see how it goes

                • Re: SNMP issue?

                  Double check your SNMP strings on both the device and in Orion to make sure they match.

                    • Re: SNMP issue?

                      The strings do match, I've just checked again, for the 5th time now I think.


                      I'm pretty sure I would also be getting a lot more errors if they didn't, as Orion polls every 2 minutes. Furthermore, the credential test in Orion gives a pass.

                        • Re: SNMP issue?

                          Have you reached out to your vendor to see if there is a bug?


                          What is the IOS version?

                            • Re: SNMP issue?

                              I've waited to contact them, I wanted to be sure I wasn't running into an config or Orion issue first. I'm also going to reboot the switch asap (not really an option during business hours).


                              IOS Version is 15.0(2)SE

                              The only possibly relevant bug I could find was related to SNMP traps, rather than polls.




                              Sooo, rebooting didn't resolve the issue. I've sniffed traffic between the switch and the Orion server and I couldn't find any SNMP packet with a bad community string. I'll be contacting our vendor, thanks to everyone for the help.

                        • Re: SNMP issue?

                          AndyRoberts mentioned this in post : SNMP Queue Failures


                          I Quote :


                          "After working with TAC for some time on this, it was identified that my switches had 2 known bugs associated to SNMP and SHH. After upgrading the code on my switches to a version where these bugs were fixed this appears to now be working or me.  If it helps the bug ID's TAC identified were CSCed69872 and CSCsv32556."


                          Hope this helps. As I currently am trying to remedy this reoccurring issue.