Netsight alarm ip-security

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered

I configured on a switch ip-security DHCP-snooping. I also created an alarm in Netsight.

When I receive an  alarm, the information is:

IP Security Violation VLAN ifIndex INTEGER: 19 VLAN Description STRING: VLAN-NAME Port ifIndex <unknown> IP <unknown> MAC <unknown> Violation Type <unknown> .


How can I get the <UNKNOWN> information ?


Photo of Johan Hendrikx

Johan Hendrikx

  • 2,900 Points 2k badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Mike Thomas

Mike Thomas, Employee - GTAC - NMS

  • 7,476 Points 5k badge 2x thumb
Johan, what product and fimrware are you working with sending that alarm?
Photo of Johan Hendrikx

Johan Hendrikx

  • 2,900 Points 2k badge 2x thumb

I've tested it  with netsight 6.2.0.211. The switch that send the alarm is a x250-24p with firmware 15.3.1.4 patch1-44

Photo of Mike Thomas

Mike Thomas, Employee - GTAC - NMS

  • 7,476 Points 5k badge 2x thumb
Johan, the means that the product is not sending in any data for those parameters. We looked at the security template in netsight, and it appears to be correctly for receiving said traps.
So this does not appear to be a formatting issue. I have added the XOS category into the discussion. Maybe they can assist with some recommendations.
(Edited)
Photo of Mike Thomas

Mike Thomas, Employee - GTAC - NMS

  • 7,476 Points 5k badge 2x thumb
Johan, after further review and re-creation we have opened up a case for you regarding this, and will follow up with that. Let me know if you do not see that case.
Photo of Annas Shaker

Annas Shaker, Employee

  • 240 Points 100 badge 2x thumb
Johan, here is a link for an article in our knowledge base that references this issue:
https://gtacknowledge.extremenetworks.com/articles/Solution/NetSight-IP-Security-Alarms-Show-UNKNOWN...