{}

Our Brands

0 item count of documents is
0 item count of documents is
UNITED STATES Partner Login BECOME A PARTNER Item count in cart is 0 Order Status

  1. Support
  2. Search FAQs
  3. FAQ000262764

Search FAQs

NMC logs "SNMP unauthorized user attempting to access"

Issue:
How to address "SNMP unauthorized user attempting to access"

Product Line:
NMC 1, 2 and 3 including embedded NMCs with SRT, SRTL, SRYL and rack PDU or ATS units

Environment:
All models, all serial numbers

Cause:
Configuration issue on NMC’s SNMP feature causes this type of log entry. This message tells that something is sending the SNMP Get or Set to the NMC from the logged ip address(es) or workstation(s).

Resolution:

Confirm first if SNMP feature is being utilized with your NMC:
If yes, make sure first that the NMC has the latest firmware on it  (whether it’s a licensed or non-licensed). Please refer to the Support page in our site to get the latest NMC firmware needed.

If not being utilized, please disable either SNMPv1 or SNMPv3 under the NMC’s Configuration menu> Network> SNMPv1 or SNMPv3> Access
pic1 pic2

If SNMP is being utilized, please check if your NMS is configured for SNMP v1, SNMP v3 or for both. If you are only using one version of SNMP, please disable the other version not being used through the web interface of the NMC – it’s possible that the NMS has multiple SNMP agents that are trying to access the NMC and does not match the NMC’s SNMP community name.
Further, leaving the SNMP NMS IP setting to 0.0.0.0 from the NMC, allows any IP address to hit the SNMP interface of the NMC. With this, the message would be logged because the workstation(s) might not have the correct community name that matches the NMC’s, thus, the NMS IP should be changed to a specific IP address or put a network segment in there, such as 10.218.44.0 - this will allow anyone between 10.218.44.1-10.218.44.254 to be allowed to hit the SNMP interface of the NMC.


Other ways to temporarily address the "SNMP unauthorized user attempting to access" log:
1. Disabling the log entry and email notification options. Once these are disabled, customers will no longer see any 'unauthorized' SNMP access being logged to their NMC or be sent as notification, however these are useful for real breaches.
pic3

2. Setting up the 'firewall' (blacklist) on the NMC to deny/reject networks for SNMP requests. Please refer to article FAQ000209837, for more details about Firewall setup.

Released for:APC USA

Explore more
Range:
UPS Network Management Cards
Explore more
Range:
UPS Network Management Cards

Articles that might be helpful

Show more articlesshow more
 Users group

Discuss this topic with experts

Visit our Community for first-hand insights from experts and peers on this topic and more.