jsivulka Thu, 08/28/2008 - 11:41
User Badges:
  • Bronze, 100 points or more

You can Configuring SNMP- MS on a PIX.

Here are some relevant commands to get you started. More information can be found in the

"Cisco PIX Firewall and VPN Configuration Guide, Version 6.3", on the Cisco site at


http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_installation_and_configuration_guides_list.html

Let me know if this has addressed your questions, and if there is anything else I can help you with.


The "Using SNMP" section is in "Accessing and Monitoring PIX Firewall".



Receiving Requests and Sending Syslog Traps


Follow these steps to receive requests and send traps from the PIX Firewall to an SNMP management station:


Step 1 Identify the IP address of the SNMP management station with the snmp-server host command.


Step 2 Set the snmp-server options for location, contact, and the community password as required.


If you only want to send the cold start, link up, and link down generic traps, no further configuration is required.


If you only want to receive SNMP requests, no further configuration is required.


Step 3 Add an snmp-server enable traps command statement.


Step 4 Set the logging level with the logging history command:

logging history debugging


We recommend that you use the debugging level during initial set up and during testing.

Thereafter, set the level from debugging to a lower value for production use.


(The logging history command sets the severity level for SNMP syslog messages.)


Step 5 Start sending syslog traps to the management station with the logging on command.


Step 6 To disable sending syslog traps, use the no logging on command or the no

snmp-server enable traps command.


The commands in Example 9-11 specify that PIX Firewall can receive the SNMP requests from

host 192.168.3.2 on the inside interface but does not send SNMP syslog traps to any host.


Example 9-11 Enabling SNMP


snmp-server host 192.168.3.2


snmp-server location building 42


snmp-server contact kim lee


snmp-server community ohwhatakeyisthee


The location and contact commands identify where the host is and who administers it. The

community command specifies the password in use at the PIX Firewall SNMP agent and the

SNMP management station for verifying network access between the two systems.



Actions

This Discussion