Welcome to the new Schneider Electric Community

It's your place to connect with experts and peers, get continuous support, and share knowledge.

  • Explore the new navigation for even easier access to your community.
  • Bookmark and use our new, easy-to-remember address (community.se.com).
  • Get ready for more content and an improved experience.

Contact SchneiderCommunity.Support@se.com if you have any questions.

Close
Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
84422members
353606posts

DCE appliance attempting to login to SNMP interfaces on APC UPS & PDUs

EcoStruxure IT forum

A support forum for Data Center Operation, Data Center Expert, and EcoStruxure IT product users to share knowledge on installation, configuration, and general product use.

Solved
DCIM_Support
Picard
Picard
0 Likes
5
1199

DCE appliance attempting to login to SNMP interfaces on APC UPS & PDUs

This question was originally posted on DCIM Support by John Wieczorek on 2017-08-17


The logs on our APC UPS' & PDUs are showing failed login attempts every hour originating from our DCE appliance. 
The devices are all providing correct sensor data  and there are no scheduled device discoveries - I 'm really curious what process on the DCE appliance is attempting  to connect. any ideas?

08/17/2017 08:36:57 System: Detected an unauthorized user attempting to access the SNMP interface from  < IP of DCE server>
08/17/2017 08:36:57 System: Detected an unauthorized user attempting to access the SNMP interface from  < IP of DCE server>
08/17/2017 08:36:55 System: Detected an unauthorized user attempting to access the SNMP interface from  < IP of DCE server>
08/17/2017 08:36:55 System: Detected an unauthorized user attempting to access the SNMP interface from  < IP of DCE server>
08/17/2017 08:36:53 System: Detected an unauthorized user attempting to access the SNMP interface from  < IP of DCE server>
08/17/2017 08:36:53 System: Detected an unauthorized user attempting to access the SNMP interface from  < IP of DCE server>
08/17/2017 08:36:51 System: Detected an unauthorized user attempting to access the SNMP interface from  < IP of DCE server>
08/17/2017 08:36:51 System: Detected an unauthorized user attempting to access the SNMP interface from < IP of DCE server>
08/17/2017 07:36:54

System: Detected an unauthorized user attempting to access the SNMP interface from < IP of DCE server>

etc.....

(CID:123349285)


Accepted Solutions
DCIM_Support
Picard
Picard
0 Likes
0
1201

Re: DCE appliance attempting to login to SNMP interfaces on APC UPS & PDUs

This answer was originally posted on DCIM Support by Cory McDonald on 2017-08-17


John,

Thank you for providing a log of the events.  Since this is occurring every hour, this would be priority scanning trying to take place.  Priority scanning needs WRITE snmp access to be able to set the Data Center Expert server as the priority scanning trap receiver (not visible via NMC GUI) on the NMC.

Please check the following:

Ensure that priority scanning is causing this: Data Center Expert Desktop Client > Device > SNMP Device Communication Settings > Device Scan Settings > Check the box for the device > Edit Device Scan Settings.  The priority scanning checkbox should be checked.

On this same screen you can see the write community string that is defined.  Ensure that this is matching a write community string that is defined on the device.

Additional information on priority scanning can be found in the knowledge base: http://www.apc.com/us/en/faqs/FA271584/

Best Regards,

Cory

(CID:123349313)

See Answer In Context

5 Replies 5
DCIM_Support
Picard
Picard
0 Likes
1
1201

Re: DCE appliance attempting to login to SNMP interfaces on APC UPS & PDUs

This answer was originally posted on DCIM Support by Steven Marchetti on 2017-08-17


Hi John,

 

DCE should only use incorrect community names if it was provided with them. Working on just this device to start, take a look at the SNMPdevice communications settings and make sure both read and write community names are correct and match that of the card:

Assuming your normal scans are 5 minutes or so and if this is only happening once an hour, it is possible that the priority scanning option which may try to re-write itself every hour is unable to do so. On the device itself, make sure the community name is not specifically associated with an IP. Perhaps test here as well by unchecking the priority scanning option for a period of an hour or 2 to see if the issue remains.

What version of DCE are you using?

What firmware revision is on this device?

What is this particular device?

How many community names are in use?

Is this SNMP V1 or V3?

 

Thanks,

Steve

 

 

 

(CID:123349307)

DCIM_Support
Picard
Picard
0 Likes
0
1201

Re: DCE appliance attempting to login to SNMP interfaces on APC UPS & PDUs

This comment was originally posted on DCIM Support by Steven Marchetti on 2017-08-17


P.S., turning off priority scanning will only allow DCE to alert when it scans the device and not immediately when an issue on the device occurs. That's why it should only be for a test period.

(CID:123349324)

DCIM_Support
Picard
Picard
0 Likes
0
1202

Re: DCE appliance attempting to login to SNMP interfaces on APC UPS & PDUs

This answer was originally posted on DCIM Support by Cory McDonald on 2017-08-17


John,

Thank you for providing a log of the events.  Since this is occurring every hour, this would be priority scanning trying to take place.  Priority scanning needs WRITE snmp access to be able to set the Data Center Expert server as the priority scanning trap receiver (not visible via NMC GUI) on the NMC.

Please check the following:

Ensure that priority scanning is causing this: Data Center Expert Desktop Client > Device > SNMP Device Communication Settings > Device Scan Settings > Check the box for the device > Edit Device Scan Settings.  The priority scanning checkbox should be checked.

On this same screen you can see the write community string that is defined.  Ensure that this is matching a write community string that is defined on the device.

Additional information on priority scanning can be found in the knowledge base: http://www.apc.com/us/en/faqs/FA271584/

Best Regards,

Cory

(CID:123349313)

DCIM_Support
Picard
Picard
0 Likes
0
1201

Re: DCE appliance attempting to login to SNMP interfaces on APC UPS & PDUs

This comment was originally posted on DCIM Support by John Wieczorek on 2017-08-17


Thanks all - priority scanning and incorrect SNMP permissions on the devices was the cause.

(CID:123997025)

DCIM_Support
Picard
Picard
0 Likes
0
1201

🔒 Closed

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.