Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
376
Views
0
Helpful
3
Replies

PIX with SNMP

Go to solution
townofnewmarket
Level 1
Level 1

‎08-03-2009 11:11 AM - edited ‎03-11-2019 09:02 AM

I have a PIX 515 version 6.3 software.

I use What's UP Gold for some basic network monitoring. What I really want to keep an eye on for the PIX is

sho connections

How do I do that with SNMP? I can't seem to find it in the MIB at all...and does Cisco offer any sort of software to make monitoring the PIX (CPU, Memory, Connections, etc) nice and easy?

Thank you.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎08-03-2009 11:43 AM

Chief-

No easy way, just have to use the MIBs. Hope these help.

PIX/ASA/FWSM

System: 1.3.6.1.2.1.1

Interfaces: 1.3.6.1.2.1.2

IP: 1.3.6.1.2.1.4

Memory: 1.3.6.1.2.1.4.1.9.9.48

CPU: 1.3.6.1.2.1.4.1.9.9.109

Firewall: 1.3.6.1.2.1.4.1.9.9.147

Buffers: 1.3.6.1.2.1.4.1.9.9.147.1.2.2.1

Connections: 1.3.6.1.2.1.4.1.9.9.147.1.2.2.2

SSL Stats: 1.3.6.1.4.1.3076.2.2.26

IPSec Stats: 1.3.6.1.2.1.4.1.9.9.171

Remote Access Stats: 1.3.6.1.2.1.4.1.9.9.392

FIPS Stats: 1.3.6.1.2.1.4.1.9.9.999999

Active Connections in PIX/ASA Firewall: 1.3.6.1.4.1.9.9.147.1.2.2.2.1.5.40.7

The total number of currently active IPsec Phase-2 Tunnels: 1.3.6.1.4.1.9.9.171.1.3.1.1.0

You will need the following MIBs: IF-MIB, RFC1213-MIB, CISCO-MEMORY-POOLMIB, CISCO-PROCESS-MIB, ENTITY-MIB, CISCO-SMI, CISCO-FIREWALL-MIB, ASA also adds CISCO-IPSEC-FLOW-MONITOR-MIB, CISCO-FIPS-STAT-MIB, and ALTIGA-SSL-STATS-MIB.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎08-03-2009 11:43 AM

Chief-

No easy way, just have to use the MIBs. Hope these help.

PIX/ASA/FWSM

System: 1.3.6.1.2.1.1

Interfaces: 1.3.6.1.2.1.2

IP: 1.3.6.1.2.1.4

Memory: 1.3.6.1.2.1.4.1.9.9.48

CPU: 1.3.6.1.2.1.4.1.9.9.109

Firewall: 1.3.6.1.2.1.4.1.9.9.147

Buffers: 1.3.6.1.2.1.4.1.9.9.147.1.2.2.1

Connections: 1.3.6.1.2.1.4.1.9.9.147.1.2.2.2

SSL Stats: 1.3.6.1.4.1.3076.2.2.26

IPSec Stats: 1.3.6.1.2.1.4.1.9.9.171

Remote Access Stats: 1.3.6.1.2.1.4.1.9.9.392

FIPS Stats: 1.3.6.1.2.1.4.1.9.9.999999

Active Connections in PIX/ASA Firewall: 1.3.6.1.4.1.9.9.147.1.2.2.2.1.5.40.7

The total number of currently active IPsec Phase-2 Tunnels: 1.3.6.1.4.1.9.9.171.1.3.1.1.0

You will need the following MIBs: IF-MIB, RFC1213-MIB, CISCO-MEMORY-POOLMIB, CISCO-PROCESS-MIB, ENTITY-MIB, CISCO-SMI, CISCO-FIREWALL-MIB, ASA also adds CISCO-IPSEC-FLOW-MONITOR-MIB, CISCO-FIPS-STAT-MIB, and ALTIGA-SSL-STATS-MIB.

0 Helpful

Go to solution
townofnewmarket
Level 1
Level 1
In response to Collin Clark

‎08-03-2009 11:55 AM

Ugh, what I was afraid of!

0 Helpful

Go to solution
GRANT GATHAGAN
Level 1
Level 1
In response to townofnewmarket

‎08-03-2009 04:03 PM

Take a look at FireGen reporter for PIX from Altair Technology.

It's not the most intuitive piece of software that I've ever set up, but it does a good job in analyzing syslog files.

It wouldn't be a real-time monitor, but you could probably set it up to generate reports as frequently as you desire.

http://www.altairtech.ca/

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card