You monitoring today? Have another question for you...running snmp v2 on a cisco fwsm...i'm running into an issue when attempting to perform inventory, I'm getting credentials invalid error. Have adjusted the SNMP timeout to 30 secs (incrementally), I've reviewed the firewall to ensure SNMP is being allowed (acl - ip any any). Have verified the credential setup in works and on the FW (very simple community string). I've reviewed the IC_Server.log, with the following output provided (in part)...
[ Mon Feb 09 14:22:06 CST 2009 ],ERROR,[Thread-18],com.cisco.nm.rmeng.inventory.ics.core.CollectionController,547, Unreachable device <MY IP ADDRESS OF FWSM> com.cisco.nm.xms.xdi.DeviceAccessException: SnmpRequestTimeout on <MY IP ADDRESS OF FWSM> while performing SnmpGet at index = -1
com.cisco.nm.xms.xdi.DeviceAccessException: SnmpRequestTimeout on <MY IP ADDRESS OF FWSM> while performing SnmpGet at index = -1
It appears to be an SNMP timeout issue, but???
This error indicates that either SNMP is not making it to the FWSM, the FWSM is denying it, or the community string is wrong.
For SNMP, you also need to allow polling. For the PIX/ASA, the command is:
snmp-server host INTERFACE HOST poll community COMMUNITY
Where INTERFACE is the interface name on which SNMP traffic will be arriving, HOST is the IP address of the polling host, and COMMUNITY is the community string to be used.
You can verify that SNMP is working by using the SNMP Walk tool from CiscoWorks' Device Center. Use sysObjectID as a starting OID.