No traps in Spectrum from the Secure Domain Connector (SDC)

Document ID : KB000049207
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Devices in a DMZ managed by the SDC are sending traps to the SDC to be sent to the SpectroSERVER for alarm generation but the traps are not showing up in the OneClick client console as alarms.

Solution:

The first step to determining the root cause here is to identify where the traps stop being processed.

Run a capture tool on the SDC server and verify that the traps sent to it from the managed device within the DMZ are arriving.

If they are not, then some issue with the device sending the traps, or the network path between the device and the SDC server is preventing them from arriving on the SDC server.

If they are arriving on the SDC server but no alarms are raised for them in Spectrum, is the SDC server running on Windows?

Is the Microsoft Windows SNMP Trap Service running and enabled on the SDC server?

It may be that the Microsoft Windows SNMP Trap Service is bound on port 162, the trap listening port for SDC. So while the SDC server is indeed receiving the traps, it is the Microsoft Windows SNMP Trap Service that is actually receiving them and processing them instead of the SDC. Due to this the SDC doesn't receive the traps and thus does not forward them on to Spectrum.

Solution 1: Disable the Microsoft Windows SNMP Trap Service

If the Microsoft Windows SNMP Trap Service is not needed, the best solution is to disable it.

  1. Disable the Microsoft Windows SNMP Trap Service
  2. Restart the SDConnector process by rebooting the machine.

When it restarts it should now be able to bind to port 162, listen for and receive traps, and forward them on to the SpectroSERVER when it sees them arrive.

NOTE: More information about the Microsoft Windows SNMP Trap Service can be found in Microsoft KB article ID: 324263. It can be found here.

Solution 2: Change the port SDC listens to for traps

If the Microsoft Windows SNMP Trap Service is needed and cannot be disabled, the best solution is to change the port that the SDC listens on for traps to arrive. Be aware that making this change will require a change to all devices sending traps destined for the SpectroSERVER. They will all need to be set to send traps not just to the SDC server for forwarding to the SpectroSERVER, but also they will need to be told what port on the SDC to send the traps to. That port should match the port we are going to set in the SDC configuration below.

This is valid on Linux, Solaris, and Windows SDC installations

NOTE: In the following procedure, port 951 is used as an example of a new custom listening port.

  1. Navigate to the $SDC_HOME/SDMConnector/bin directory on the SDC server.
  2. Open the sdc.rc file to be edited
  3. Configure SDConnector to listen for traps on a custom port by modifying the sdc.rc file as follows:

    snmp_trap_port = 951

    NOTE: Default value is empty so it will default to port 162.

  4. Restart SDConnector process by rebooting the machine.

The SDConnector will now listen for traps on port 951 in the example above while still allowing traps sent to port 162 to be received and acted upon by the Microsoft Windows SNMP Trap Service.