08-18-2008 03:41 PM
Hi I have tried to add my ASA's to Cisco Works but havent had nay sucess. I just installed LMS 3.0. Any ideas?
08-18-2008 03:44 PM
What problems do you see when you add the ASA?
08-18-2008 03:48 PM
I see the device with a ? and it says unreachable
08-18-2008 03:49 PM
If the device is unreachable, then there is a problem communicating with it via SNMP. Check DCR to make sure the SNMP credentials are correct, and verify you can perform an SNMP Walk operation from the LMS server to the ASA from Device Center > Tools > SNMP Walk. Use "system" as the starting OID.
08-18-2008 04:39 PM
This is what I get
Failed to snmpwalk the device. Please check your community string and starting OID, and try again.
I made sur ethe string is correct several times
08-18-2008 04:45 PM
Then something is blocking SNMP to this device. It could be an intermediate firewall or access-list, or it could be your ASA configuration. Can you post the config from this device?
08-18-2008 04:48 PM
there is no firewall in the middle
I have this in my snmpconfig
snmp-server enable traps snmp authentication linkup linkdown coldstart
08-18-2008 04:52 PM
This isn't sufficient. You will also need to configure a community string, and allow the LMS server to poll this device. See http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a13.shtml on configuring SNMP on the ASA.
08-18-2008 04:56 PM
I added snmp-server host inside lms server IP
and I got this
system
RFC1213-MIB::sysDescr.0 = STRING: "Cisco Adaptive Security Appliance Version 8.0(3)6"
RFC1213-MIB::sysObjectID.0 = OID: CISCO-SMI::ciscoProducts.669
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (107914000) 12 days, 11:45:40.00
RFC1213-MIB::sysContact.0 = STRING: "Production Support at MHQ"
RFC1213-MIB::sysName.0 = STRING: "MHQ-ASA-01.brightstarcorp.com"
RFC1213-MIB::sysLocation.0 = STRING: "Miami Head Quarters"
RFC1213-MIB::sysServices.0 = INTEGER: 0
08-18-2008 05:17 PM
Good. You should now be able to manage the ASA in LMS.
08-18-2008 05:18 PM
yes its working, thanks.
Have you ever added a Wireless LAN Controller to LMS?
08-18-2008 05:24 PM
WLC support was added recently. You need to enable SNMPv1 on the WLC to have it work.
08-18-2008 05:28 PM
I just did that, but I have one question, when I set the community string, it ask for an IP, which Ip shoudl I use there?
08-18-2008 05:31 PM
You could add an all 0 address to allow all hosts. Else, just list the IP of the LMS server.
08-18-2008 05:45 PM
I added the LMS ip address and Ihave enable both SNMP verison 1 and 2 but the device is still withthe ?, if I do an SNMP walk it goes through with no problems.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: