05-20-2010 02:20 AM
Hello,
Does anyone have an idea about how to disable ICMP queries from the LMS to an ASA firewall? Can we disable ICMP on an ASA and still be able to manage/monitor it in the DFM?
Many thanks,
05-20-2010 07:44 PM
This will not be possible. DFM requires ICMP to be able to manage devices. DFM will use ICMP and SNMP to build its events and alerts.
05-21-2010 02:57 AM
Clear. But the LMS is pinging all the ASA interfaces although it's managed by its inside interface only. Is it a normal case?
05-21-2010 03:33 AM
When you add a device it adds all the interfaces of the devices. what you should do is go to device manager and select the device and under the interfaces make the desired interfaces status to False from drop down menu. This interfaces will not monitored any more.
HTH
Hitesh Vinzoda
Please rate helpful posts.
05-21-2010 10:55 AM
While you can do this, you may not want to disable the entire interface. Instead, if you only want to disable the ICMP polling of the interface IP, go to DFM > Device Management > Device Details, and select the IP option from the tree (when you have launched the Detailed Device View for your ASA). In the right-hand frame you should see a list of IPs on the ASA. Make sure all of them have a management state of false except the IP by which the ASA is managed. That will prevent pings from going out to those other interfaces while making sure DFM can report on other interface-related faults.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: