Junos OS

Expand all | Collapse all

snmpd_auth_failure from x to x

  • 1.  snmpd_auth_failure from x to x

    Posted 14 days ago
    related post
    Junos OS
    Juniper remove preview
    Junos OS
    Hidden page that shows all messages in a thread
    View this on Juniper >



    So I was looking at a switch logs I noticed a flood of snmpd[1435]: SNMPD_AUTH_FAILURE: nsa_log_community: unauthorized SNMP community from x.x.x.x(publicIP) to (x.x.x.x public IP) (public)  note the two public IPs that the failure is logging are not the same and are not the IP of the router.  I have a filter in place to block any SNMP requests outside my snmp servers so I'm not sure why the switch is logging these failures as if they are hitting the control plane.  The to IP is an IP that is routed through this switch though.  No filters are in place to the egress ports for those publicly routable to IP's and they should not be filters because they are networks that whoever is on the other end will filter if they want. 
    The failures are logging about every 5-10 second so I'd like to ignore these or clean them up so there is not a lot of noise in my logs. 

    my logging on the switch is as follows
    set system syslog archive size 100k
    set system syslog archive files 3
    set system syslog user * any emergency
    set system syslog host x.x.x.x any notice
    set system syslog file messages any notice
    set system syslog file messages authorization info
    set system syslog file interactive-commands interactive-commands any
    set system syslog file interface-logs any any
    set system syslog file interface-logs match ifOperStatus

    This is a EX4550 running 15.1.R7.9




  • 2.  RE: snmpd_auth_failure from x to x

    Posted 9 days ago
    Hi William,

    Under "file messages" stanza, you can filter them:

    match "!(.*unauthorized SNMP community from x.x.x.x.*)"

    Yours sincerely.