2.64. SNMP

These log messages refer to the SNMP (Allowed and disallowed SNMP accesses) category.

2.64.1. disallowed_sender (ID: 03100001)

Default Severity
NOTICE
Log Message
Disallowed SNMP from <peer>, disallowed sender IP
Explanation
The sender IP address is not allowed to send SNMP data to the unit. Dropping packet.
Firewall Action
drop
Recommended Action
If this sender IP address should have SNMP access to the unit, this should be configured in the ACCESS section.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.2. invalid_snmp_community (ID: 03100002)

Default Severity
NOTICE
Log Message
Disallowed SNMP from <peer>, invalid community string
Explanation
The SNMP community string is invalid.
Firewall Action
drop
Recommended Action
Make sure the entered SNMP community string is correct.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.3. snmp3_received_unautherized_message (ID: 03100100)

Default Severity
NOTICE
Log Message
Disallowed SNMP from <peer>, authentication failed
Explanation
Calculated message digest is not the same as received digest.
Firewall Action
drop
Recommended Action
Investigate client that send unauthorized messages.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.4. snmp3_local_password_too_short (ID: 03100101)

Default Severity
NOTICE
Log Message
Disallowed SNMP from <peer>, local password is too short
Explanation
SNMPv3 specification RFC3414 ch. 11.2 demands that the passowrd is at least 8 characters. System will not allow SNMPv3 requests as long as the local password is too short.
Firewall Action
drop
Recommended Action
Make sure the password string in local user database is at least 8 characters.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.5. snmp3_authentication_failed (ID: 03100102)

Default Severity
NOTICE
Log Message
Disallowed SNMP from <peer>, authentication failed
Explanation
The SNMP authentication failed.
Firewall Action
drop
Recommended Action
Make sure the entered SNMP username and password strings are correct.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.6. snmp3_unsupported_securitylevel (ID: 03100103)

Default Severity
NOTICE
Log Message
Disallowed SNMP from <peer>, wrong security level
Explanation
System received a SNMP message with a security level that does not match the configured security level.
Firewall Action
drop
Recommended Action
Make sure the security level of the SNMP client match the security level of the system.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.7. snmp3_message_intended_for_other_system (ID: 03100104)

Default Severity
WARNING
Log Message
Disallowed SNMP from <peer>, message was intended for another system
Explanation
System received a SNMP message with an Engine ID that this system does not have.
Firewall Action
drop
Recommended Action
Find out what is sending these SNMP messages and take appropriate action to stop these messages.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.8. snmp3_rebooted_2147483647_times (ID: 03100105)

Default Severity
ERROR
Log Message
Disallowed SNMP from <peer>, system has rebooted 2147483647 times
Explanation
System has rebooted 2147483647 times. The reboot counter has reached its maximum value.
Firewall Action
drop
Recommended Action
The engine ID of the system must be changed manually.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.9. snmp3_outside_of_time_window (ID: 03100106)

Default Severity
NOTICE
Log Message
Disallowed SNMP from <peer>, message is outside of the Time Window +/-150 seconds
Explanation
According to SNMPv3 specification RFC3414 a message containing engine time that differs more than +/-150 seconds from current time is to be dropped to prevent replay attacks.
Firewall Action
drop
Recommended Action
Investigate the peer that sends SNMP messages that are ouside the Time Window.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.10. snmp3_bad_version (ID: 03100107)

Default Severity
NOTICE
Log Message
Disallowed SNMP from <peer>, wrong SNMP version
Explanation
The SNMP request did not have the correct SNMP version.
Firewall Action
drop
Recommended Action
Make sure the selected SNMP version is correct.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.11. snmp3_decryption_failed (ID: 03100108)

Default Severity
WARNING
Log Message
Disallowed SNMP from <peer>, decryption failed
Explanation
The SNMP decryption failed because peer did not send an appropriate privParameter.
Firewall Action
drop
Recommended Action
Investigate the device that send invalid privParameter.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.12. snmp3_decryption_failed (ID: 03100109)

Default Severity
WARNING
Log Message
Disallowed SNMP from <peer>, decryption failed
Explanation
The SNMP decryption failed.
Firewall Action
drop
Recommended Action
Check that peer uses correct cipher.
Revision
1
Parameters
peer
Context Parameters
Connection

2.64.13. snmp3_message_not_in_time_window (ID: 03100110)

Default Severity
ERROR
Log Message
Disallowed SNMP from <peer>, received message not in time window
Explanation
Received message did not have the same number of engine boots as system. Someone may be trying to resend old messages to system.
Firewall Action
drop
Recommended Action
Investigate peer that sends malformed message.
Revision
1
Parameters
peer
Context Parameters
Connection