Original Message:
Sent: Apr 09, 2024 06:00 AM
From: thomasbnc
Subject: SNMPv3 Link down traps are not working (2930M / JL321A)
Hi
are you sure you need link up/down traps in your NAC software? What NAC solution are you using?
With Aruba Clearpass SNMP-based enforcement, mac-notify traps are used to track whether a client is connected or not.
Switch Configuration
Global switch configuration:
snmp-server community OnConnectRO operator
snmp-server community OnConnectRW operator
snmp-server host 4.3.2.1 community ClearPassOnConnect trap-level all
snmp-server trap-source 1.2.3.4
snmp-server enable traps mac-notify
Interface configuration:
snmp-server enable traps link-change 17-20
interface 17-20 mac-notify traps learned
interface 17-20 mac-notify traps removed
interface 17-20 untagged vlan 812
Would that do the job for you, too? See also "Wired Policy Enforcement Solution Guide" page 50 ff..
Regards,
Thomas
Original Message:
Sent: Apr 09, 2024 05:22 AM
From: md@hwi-it.de
Subject: SNMPv3 Link down traps are not working (2930M / JL321A)
Nobody can help? :-(
Original Message:
Sent: Mar 19, 2024 08:59 AM
From: md@hwi-it.de
Subject: SNMPv3 Link down traps are not working (2930M / JL321A)
Hello.
I have the problem, that I need snmpv3 link down traps on a NAC appliance.
SNMP Link Up Traps are send well. SNMP Link Down traps are not send. The switch is just send the operational status of the port is down, but not the link down trap.
Switch version is: WC.16.11.0005
SNMP Configuration:
snmpv3 targetaddress "NAC" params "counteract" 10.22.31.1 filter all taglist "NAC"
Please see log messages from NAC appliance.
Link Up Trap:
sw:18235:1710851371.821736:Tue Mar 19 13:29:31 2024: main::sw_send_trap_event_by_mac:14749:[]::0: mac[805d974dcde7] reporting trap [up] event
sw:18235:1710851373.086182:Tue Mar 19 13:29:33 2024: main::sw_add_mac:9287:[DEVICE,MAC]:[keys:10.22.31.1,10.22.31.1:146,805d974dcde7]:0: Sending adm for mac[805d974dcde7] - reveived link-up trap on this port
sw:18235:1710851373.086377:Tue Mar 19 13:29:33 2024: main::sw_send_adm_by_mac:13406:[DEVICE,MAC]:[keys:10.22.31.1,10.22.31.1:146,805d974dcde7]:0: sw [10.22.31.1] sending admission for mac[805d974dcde7]
sw:18235:1710851373.334845:Tue Mar 19 13:29:33 2024: main::sw_send_trap_event_by_mac:14749:[DEVICE,MAC]:[keys:10.22.31.1]:0: mac[805d974dcde7] reporting trap [up] event
Link down trap / operational status:
sw:18235:1710851404.694754:Tue Mar 19 13:30:04 2024: main::sw_purge_port_macs_hash_absent_mac:19791:[DEVICE,MAC]:[keys:10.22.31.1]:0: operatedown - mac[805d974dcde7] ipport[10.22.31.1:146] multi[1] voip[] trunk[0] operate_down[1]
sw:18235:1710851404.695458:Tue Mar 19 13:30:04 2024: main::mac_removed_from_port_handle_mac:20874:[DEVICE,MAC]:[keys:10.22.31.1]:0: deleting mac[805d974dcde7] from ipport[10.22.31.1:146 mac_on_another_port[] operate_down[1] mac_last_update_time[1710851373] online[]
Is there any configuration to activate same link traps for link down as link up? Or is it a bug of software?