KBI 310649 Issue Addressed: Trap Message Ignored When Node Name Is FQDN

Version

Argent for SNMP and Argent for Compliance 1308-A or below

Date

Thursday, 5 Sep 2013

Summary

The engine does an IP reverse lookup on the source of each trap message.

It uses the NETBIOS name format by default.

If the licensed node name is a Fully Qualified Domain Name (FQDN), the two names won’t match.

As a result, the trap message is ignored.

Technical Background

By design, the Argent AT Engine drops the trap message if the source IP is not licensed.

As customers may license the node by either FQDN or NETBIOS name instead of the explicit IP address, the Argent AT Engine does an IP reverse lookup in order to match the node name.

For example, the trap comes from 192.168.2.105, which is utestserver.a.local in DNS.

In 3.1A-1308-A or earlier, this works if the customer licenses 192.168.2.105 or utestserver.

But if utestserver.a.local is used instead, the Argent AT Engine won’t find it and the following log message is generated:


04 Sep 2013 10:23:51.489 PANWS A\Administrator (4624-432) 01808 Following SNMP trap is received but its source 192.168.2.105 (utestserver) not used in production relators:...

The issue is addressed in 3.1A-1310-A.
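
To see which licensed nodes are losing traps before the upgrade, the log message above can be matched against the license list. This is an added example, not Argent code: the function name, the license list and every log line except the first are constructed, and the pattern assumes the message format quoted above.

```python
import ipaddress
import re

# Pattern taken from the log message quoted in this article.
DROPPED = re.compile(
    r"its source (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) \((?P<name>[^)]*)\) "
    r"not used in production relators"
)

def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def triage_dropped_traps(log_lines, licensed_nodes):
    """Split dropped-trap sources into those licensed by FQDN (the mismatch
    described in this article) and those with no matching license entry."""
    # Index FQDN license entries by host label: utestserver.a.local -> utestserver
    fqdn_by_host = {
        n.split(".", 1)[0].lower(): n
        for n in licensed_nodes
        if "." in n and not _is_ip(n)
    }
    fqdn_mismatch, unlicensed = {}, set()
    for line in log_lines:
        m = DROPPED.search(line)
        if not m:
            continue  # not a dropped-trap message
        ip, name = m["ip"], m["name"].lower()
        if name in fqdn_by_host:
            fqdn_mismatch[ip] = fqdn_by_host[name]
        else:
            unlicensed.add(ip)
    return fqdn_mismatch, unlicensed

# First line is the message quoted in the article; the rest are constructed.
SAMPLE_LOG = [
    r"04 Sep 2013 10:23:51.489 PANWS A\Administrator (4624-432) 01808 Following SNMP trap is received but its source 192.168.2.105 (utestserver) not used in production relators:...",
    r"04 Sep 2013 10:24:02.113 PANWS A\Administrator (4624-432) 01808 Following SNMP trap is received but its source 192.168.2.200 (printer7) not used in production relators:...",
    r"04 Sep 2013 10:24:05.900 constructed unrelated log line",
]
# Constructed license list: one FQDN, one IP, one short name.
LICENSED = ["utestserver.a.local", "192.168.2.50", "dbserver"]

if __name__ == "__main__":
    mismatch, unknown = triage_dropped_traps(SAMPLE_LOG, LICENSED)
    for ip, entry in mismatch.items():
        print(f"{ip}: licensed as {entry}, trap dropped by short-name match")
    print("no matching license entry:", sorted(unknown))
```

Sources reported under the FQDN mismatch are monitored nodes whose traps are being silently discarded; the remaining sources have no matching entry in the list and need a licensing decision rather than the upgrade.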

*** WARNING ***

It is essential that the IP reverse lookup works correctly.

This can be verified by using the ‘nslookup’ command.

Resolution

Upgrade to Argent AT 3.1A-1310-A or later