6 Replies Latest reply on Jan 17, 2014 10:08 AM by cahunt

    SNMP Traps - Community String

    abarnes1

      This should hopefully be an easy one. I've poured through admin guides and KB articles but haven't yet been able to find the answer -

       

      When sending SNMP traps to Solarwinds, you are of course asked to provide a community string in the configuration of the device from which you're sending the traps.

      My question is - where does one go to setup the community string that this is being validated against?

       

      I do see in the SNMP Trap RECEIVER tool, under Settings -> Community Filter tab where you can check/uncheck "Enable SNMP Community Filtering" - if this is unchecked, does that mean then that the community string being provided on the monitored device is essentially irrelevant?

       

      I'm inclined to think not, because I've tried disabling SNMP community filtering, yet I've still received "SNMPv2-MIB:authenticationFailure"s.

       

      Sorry if this is a stupid question. If anyone can provide some info or point me in the direction of some documentation I would be greatly indebted.

       

      Thanks guys!

        • Re: SNMP Traps - Community String
          cahunt

          I understand the filtering to filter based on what that device's string is; and it will reject traps from anything without the proper trap <Community Filter> 

           

          But just as well, with the Cisco, your Traps are sent and forgotten, udp?

           

          Your informs, is the trap type that waits for verification and would use the community string to verify against.

          Also in your trap Viewer you can filter or alert based not only on device but also the string used.

          • Re: SNMP Traps - Community String
            ptrog

            do you mean in the orion web console? its under node management then select the node then snmp settings.

              • Re: SNMP Traps - Community String
                abarnes1

                Not for a specific node. Here's an example scanario that might explain better:

                 

                You're sending snmp traps to your orion poller from a server/device that is NOT otherwise being monitored in NPM. Just unsolicited snmp traps. (Like an IBM DS8000 SAN for instance, which does not have an SNMP agent but is capable of sending traps to an IP address.)

                When you setup the device to send traps to Solarwinds, you're asked for, of course, the IP, as well as the community string.

                 

                Since the device is not a node in NPM, what is that community string you provided being validated against? Solarwinds is otherwise "unaware" of the device/server except for the traps it's receiving from it.

                 

                Does that make sense?

                  • Re: SNMP Traps - Community String
                    ptrog

                    i was getting the same issue. we tried everything, server guy poured over server to dig out all the comm strings. was still getting authfailures from almost all network devices. the only "solution" i found is to take out the snmp server ip out of the device. not much of a fix but it stopped the traps. first i just disabled authen traps in the device. I know it seems like we would want to see those failures but our engie said it wasnt a big deal.:/

                    • Re: SNMP Traps - Community String
                      cahunt

                      Yes it does, I am not sure if the SNMP Trap Receiver is still a valid app to use. But it has a filtering option to only accept traps from devices with a specific string.

                       

                      Though I would just feel safer with a trap alert. Put the conditions you want in a new Trap Alert and get the trap forwarded when it hits from that IP, or a range of IPs that you know you do not have in NPM, but still want conditions on.

                  • Re: SNMP Traps - Community String
                    mgibson

                    What I have found is I will recieve many of these errors if someone has misconfigured SNMP on the Target.

                    On the SNMP Service, Security Tab and checked the "send authentication" box.