These log messages refer to the SNMP (Allowed and disallowed SNMP accesses) category.
2.64.1. disallowed_sender (ID: 03100001)
- Default Severity
- NOTICE
- Log Message
- Disallowed SNMP from <peer>, disallowed sender IP
- Explanation
- The sender IP address is not allowed to send SNMP data to the unit. Dropping packet.
- Firewall Action
- drop
- Recommended Action
- If this sender IP address should have SNMP access to the unit, this should be configured in the ACCESS section.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.2. invalid_snmp_community (ID: 03100002)
- Default Severity
- NOTICE
- Log Message
- Disallowed SNMP from <peer>, invalid community string
- Explanation
- The SNMP community string is invalid.
- Firewall Action
- drop
- Recommended Action
- Make sure the entered SNMP community string is correct.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.3. snmp3_received_unautherized_message (ID: 03100100)
- Default Severity
- NOTICE
- Log Message
- Disallowed SNMP from <peer>, authentication failed
- Explanation
- Calculated message digest is not the same as received digest.
- Firewall Action
- drop
- Recommended Action
- Investigate client that send unauthorized messages.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.4. snmp3_local_password_too_short (ID: 03100101)
- Default Severity
- NOTICE
- Log Message
- Disallowed SNMP from <peer>, local password is too short
- Explanation
- SNMPv3 specification RFC3414 ch. 11.2 demands that the passowrd is at least 8 characters. System will not allow SNMPv3 requests
as long as the local password is too short.
- Firewall Action
- drop
- Recommended Action
- Make sure the password string in local user database is at least 8 characters.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.5. snmp3_authentication_failed (ID: 03100102)
- Default Severity
- NOTICE
- Log Message
- Disallowed SNMP from <peer>, authentication failed
- Explanation
- The SNMP authentication failed.
- Firewall Action
- drop
- Recommended Action
- Make sure the entered SNMP username and password strings are correct.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.6. snmp3_unsupported_securitylevel (ID: 03100103)
- Default Severity
- NOTICE
- Log Message
- Disallowed SNMP from <peer>, wrong security level
- Explanation
- System received a SNMP message with a security level that does not match the configured security level.
- Firewall Action
- drop
- Recommended Action
- Make sure the security level of the SNMP client match the security level of the system.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.7. snmp3_message_intended_for_other_system (ID: 03100104)
- Default Severity
- WARNING
- Log Message
- Disallowed SNMP from <peer>, message was intended for another system
- Explanation
- System received a SNMP message with an Engine ID that this system does not have.
- Firewall Action
- drop
- Recommended Action
- Find out what is sending these SNMP messages and take appropriate action to stop these messages.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.8. snmp3_rebooted_2147483647_times (ID: 03100105)
- Default Severity
- ERROR
- Log Message
- Disallowed SNMP from <peer>, system has rebooted 2147483647 times
- Explanation
- System has rebooted 2147483647 times. The reboot counter has reached its maximum value.
- Firewall Action
- drop
- Recommended Action
- The engine ID of the system must be changed manually.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.9. snmp3_outside_of_time_window (ID: 03100106)
- Default Severity
- NOTICE
- Log Message
- Disallowed SNMP from <peer>, message is outside of the Time Window +/-150 seconds
- Explanation
- According to SNMPv3 specification RFC3414 a message containing engine time that differs more than +/-150 seconds from current
time is to be dropped to prevent replay attacks.
- Firewall Action
- drop
- Recommended Action
- Investigate the peer that sends SNMP messages that are ouside the Time Window.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.10. snmp3_bad_version (ID: 03100107)
- Default Severity
- NOTICE
- Log Message
- Disallowed SNMP from <peer>, wrong SNMP version
- Explanation
- The SNMP request did not have the correct SNMP version.
- Firewall Action
- drop
- Recommended Action
- Make sure the selected SNMP version is correct.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.11. snmp3_decryption_failed (ID: 03100108)
- Default Severity
- WARNING
- Log Message
- Disallowed SNMP from <peer>, decryption failed
- Explanation
- The SNMP decryption failed because peer did not send an appropriate privParameter.
- Firewall Action
- drop
- Recommended Action
- Investigate the device that send invalid privParameter.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.12. snmp3_decryption_failed (ID: 03100109)
- Default Severity
- WARNING
- Log Message
- Disallowed SNMP from <peer>, decryption failed
- Explanation
- The SNMP decryption failed.
- Firewall Action
- drop
- Recommended Action
- Check that peer uses correct cipher.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection
2.64.13. snmp3_message_not_in_time_window (ID: 03100110)
- Default Severity
- ERROR
- Log Message
- Disallowed SNMP from <peer>, received message not in time window
- Explanation
- Received message did not have the same number of engine boots as system. Someone may be trying to resend old messages to system.
- Firewall Action
- drop
- Recommended Action
- Investigate peer that sends malformed message.
- Revision
- 1
- Parameters
- peer
- Context Parameters
- Connection