Configuring for Network Management Applications
Using SNMP Tools To Manage the Switch
To enable or disable notification/traps for network security failures and other
security events, enter the snmp-server enable traps command.
Syntax: [no] snmp-server enable traps [snmp-auth | password-change-mgr | login-
failure-mgr | port-security | auth-server-fail | link-change]
Enables or disables sending one of the security notification
types listed below to configured trap receivers. (Unless
otherwise stated, all of the following notifications are
enabled in the default configuration.
• auth-server-fail sends a trap if the connection with a RADIUS or
TACACS+ authentication server fails.
• link-change < port-list > sends a trap when the link state on a port
changes from up to down, or the reverse.
•
login-failure-mgr sends a trap for a failed login with a manager
password.
•
password-change-mgr sends a trap when a manager password is
reset.
• port-security sends a trap for a failed authentication attempt through
a web, MAC, or 801.X authentication session.
•
snmp-authentication [ extended | standard ] sends a trap for a failed
authentication attempt via SNMP. Default: extended.
To determine the specific cause of a security event, check the event log in the
console interface to see why a trap was sent. For more information, refer to
“Using the Event Log for Troubleshooting Switch Problems” on page C-22.
To display the current configuration for network security notifications, enter
the show snmp-server traps command. Note that command output is a subset
of the information displayed with the show snmp-server command in Figure 13-
13.
13-27