multi-context FWSM versus SNMP...

Unanswered Question
Aug 7th, 2009
User Badges:

Has anyone out there managed to get a multi-context FWSM module to enable polling of SNMP (RO) counters on any of the defined contexts?

I can't get it to work. Despite having the appropriate snmp-server statements in the config. The same statements that work fine with my ASA's. I notice a few others on the forum having the same problem. But no answers.

the logged message is (IP's altered)

Aug 6 14:34:10 OddVLANs %FWSM-3-710003: udp access denied by ACL from to CDC-TD-Core-Networks:

Aug 6 14:34:11 OddVLANs %FWSM-3-710003: udp access denied by ACL from to CDC-TD-Core-Networks:

Aug 6 14:34:12 OddVLANs %FWSM-3-710003: udp access denied by ACL from to CDC-TD-Core-Networks:

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Syed Iftekhar Ahmed Fri, 08/07/2009 - 09:53
User Badges:
  • Blue, 1500 points or more

Can you post the related snmp config?

Have you configured snmp for trap only and trying to poll?


lchuser7680 Tue, 08/11/2009 - 01:15
User Badges:

Nope. It's configured for poll. I've also tried trap and poll together... And as an experiment, just trap. Nothing doing...

I've also got rules allowing the manager to access SNMP anywhere... And that works. It's only SNMP TO the contexts that doesn't work (Any of the contexts on the module).

Test/OddVLANs/act# sh run | in snmp-se

snmp-server host CDC-TD-Core-Networks poll community comm version 2c

no snmp-server location

snmp-server contact [email protected]

snmp-server community comm

snmp-server enable traps snmp linkup linkdown coldstart

snmp-server enable traps syslog

lchuser7680 Tue, 08/11/2009 - 04:45
User Badges:


Looks like the admin context snmp settings affect all the other contexts as well.

The admin context had a different listen port set for the snmp server by

snmp-server listen-port 163

changing that to

snmp-server listen-port 161

in the admin context kicked ALL the contexts into life. Looks like some of the settings are shared between contexts (i.e. not just AAA).



This Discussion