Problem with SNMP traps not being forwarded from CPM.
Article ID: 168077
Updated On:
Products
XOS
Issue/Introduction
In case SNMP traps are not received by the monitoring station, here are some troubleshooting stepsError messages such as the following occur when testing SNMP traps:
Apr 4 10:16:50 gator cbsalarmmond[1965]: [E] send_out_traps Error sending trap... snmp_sess_send ERROR Unknown Error 49 (Unknown error 774909488)
Apr 4 10:16:50 gator kernel: DROP IN= OUT=eth2 SRC=192.168.30.140 DST=60.60.60.1 LEN=94 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=33261 DPT=162 LEN=74
Apr 4 10:16:50 gator cbsalarmmond[1965]: [E] send_out_traps Error sending trap... snmp_sess_send ERROR Unknown Error 49 (Unknown error 774909488)
Apr 4 10:16:50 gator kernel: DROP IN= OUT=eth2 SRC=192.168.30.140 DST=60.60.60.1 LEN=119 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UD
Apr 4 10:16:50 gator cbsalarmmond[1965]: [E] send_out_traps Error sending trap... snmp_sess_send ERROR Unknown Error 49 (Unknown error 774909488)
Apr 4 10:16:50 gator kernel: DROP IN= OUT=eth2 SRC=192.168.30.140 DST=60.60.60.1 LEN=94 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=33261 DPT=162 LEN=74
Apr 4 10:16:50 gator cbsalarmmond[1965]: [E] send_out_traps Error sending trap... snmp_sess_send ERROR Unknown Error 49 (Unknown error 774909488)
Apr 4 10:16:50 gator kernel: DROP IN= OUT=eth2 SRC=192.168.30.140 DST=60.60.60.1 LEN=119 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UD
Cause
Your access lists may not allow the testing of traps.
Resolution
A quick and easy way to test SNMP traps is to configure an SNMP trap destination such as the following
snmp-server host 60.60.60.1 traps public
Then run tcpdump on the server 60.60.60.1.
The user can either perform some action which will generate a trap, or another way to perform the test is to attempt to telnet to the server using ports 161 and 162.
To resolve access problems, configure the access-list to allow snmp trap destination host.
config access-list 1001 permit ip source-ip 60.60.60.1 0.0.0.0 destination-ip 192.168.30.0 0.0.0.255
config access-list 1002 permit ip source-ip 192.168.30.0 0.0.0.255 destination-ip 60.60.60.1 0.0.0.0
snmp-server host 60.60.60.1 traps public
Then run tcpdump on the server 60.60.60.1.
The user can either perform some action which will generate a trap, or another way to perform the test is to attempt to telnet to the server using ports 161 and 162.
To resolve access problems, configure the access-list to allow snmp trap destination host.
config access-list 1001 permit ip source-ip 60.60.60.1 0.0.0.0 destination-ip 192.168.30.0 0.0.0.255
config access-list 1002 permit ip source-ip 192.168.30.0 0.0.0.255 destination-ip 60.60.60.1 0.0.0.0
Workaround
N/AFeedback
Yes
No
Powered by
