Unwanted SNMP outbound traffic from management LIFs
Applies to
- ONTAP 9
- AFF / FAS
- SNMP
Issue
- On certain devices, unexpected
SNMP
traffic orSNMP
authentication errors are received. - The source of the traffic is either a node-management LIF or a cluster management LIF.
- Such unwanted traffic is deemed a security issue.
Sep 10, 2022, 8:33:15 PM IOS @ 10.xx.xx.1 <131>4231: ]: Sep 10 20:33:14: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 10.xx.xx.2
Sep 10, 2022, 8:31:35 PM IOS @ 10.xx.xx.1 <131>4230: ]: Sep 10 20:31:34: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 10.xx.xx.2
Sep 10, 2022, 8:30:13 PM IOS @ 10.xx.xx.1 <131>4229: ]: Sep 10 20:30:12: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 10.xx.xx.2
Sep 10, 2022, 8:29:00 PM IOS @ 10.xx.xx.1 <131>4228: ]: Sep 10 20:28:59: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 10.xx.xx.2
Sep 10, 2022, 8:27:55 PM IOS @ 10.xx.xx.1 <131>4227: ]: Sep 10 20:27:54: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 10.xx.xx.2
Sep 10, 2022, 8:26:15 PM IOS @ 10.xx.xx.1 <131>4226: ]: Sep 10 20:26:14: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 10.xx.xx.2
Or
09/08/22 09:47:46 00236 snmp: Security access violation from 192.xx.xx.4 for the community name or user name : cshm1! (11 times in 60 seconds)