• Invalid password entered in a login attempt through a direct serial, Telnet, or SSH connection
• Manager password changes
• Port-security (web, MAC, or802.1X) authentication failure
• SNMP authentication failure
• Running configuration changes
Enabling or disabling notification/traps for network security failures and other security
events (CLI)
Syntax:
[no] snmp-server enable traps [arp-protect | auth-server-fail | dhcp-server
| dhcp-snooping | dhcpv6-snooping | dyn-ip-lockdown | dyn-ipv6-lockdown | link-change
| login-failure-mgr | mac-count-notify | mac-notify | macsec | nd-snooping | password-change-mgr
| port-security | running-config-change | snmp-authentication | startup-config-change | vsf ]
Enables or disables sending one of the security notification types listed below to configured trap receivers.
(Unless otherwise stated, all of the following notifications are enabled in the default configuration.)
The notification sends a trap:
arp-protect
Traps for Dynamic ARP Protection.
auth-server-fail
Traps reporting authentication server unreachable.
dhcp-server
Traps for DHCP-Server.
dhcp-snooping
Traps for DHCP-Snooping.
dhcpv6-snooping
Set the traps for DHCPv6 snooping.
dyn-ip-lockdown
Traps for Dynamic Ip Lockdown.
dyn-ipv6-lockdown
Enable traps for Dynamic IPv6 Lockdown.
link-change
Traps for link-up and link-down.
login-failure-mgr
Traps for management interface login failure.
mac-count-notify
Traps for MAC addresses learned on the specified
ports exceeds the threshold.
mac-notify
Traps for (learned/removed) MAC address table
changes.
macsec
Configure the traps for MACsec notifications.
nd-snooping
Set the trap for nd snooping
password-change-mgr
Traps for management interface password change.
port-security
Traps for port access authentication failure.
Table Continued
Chapter 7 Configuring for Network Management Applications 203
To Next Page
Loading...
