snmp error

Unanswered Question
Jun 23rd, 2010
User Badges:

hello, I am using the ASA 5505 firewall. Recently ,i have enabled the snmp in the device so that i can monitor  the device through the monitoring tool.

So I installed the Cacti monitoring tool in my server. But the cacti is not showing the firewall graph. Instead, it is showing the SNMP error.

I am puzzled what to do .can anyone help me out ragarding this issue?

my snmp configuration is as follows:


snmp-server host inside x.x.x.x community secretword udp-port 161
snmp-server location Billing Room
snmp-server contact allen
snmp-server community *****
snmp-server enable traps snmp linkup linkdown coldstart
snmp-server enable traps syslog



Note: x.x.x.x represents the server IP address where i have installed cacti tool.


Regards,

Nisha

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joe Clarke Wed, 06/23/2010 - 17:33
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

What errors are you seeing on the ASA?  That is, is udp/161 being blocked on it or on another hop in the network?  If you do a packet capture o

n the ASA, do you see the SNMP packets arriving?

nisha.timilsina Wed, 06/23/2010 - 21:35
User Badges:

hello,

i am not getting any errors related to the snmp in the ASA 5505. now what

can be done further?

waiting for your response.


Regards,

Nisha


On Thu, Jun 24, 2010 at 6:18 AM, jclarke

nisha.timilsina Wed, 06/23/2010 - 21:36
User Badges:

hello,

i am not getting any errors related to the snmp in the ASA 5505. now what can be done further?

waiting for your response.


Regards,

Nisha

yucelbasoglu Wed, 06/23/2010 - 23:26
User Badges:

Hi Nisha,


Can you open debug on asa?

"debug snmp event"

"debug snmp error"

"debug snmp packet"


You can see the server request in this way.


Regards,

nisha.timilsina Thu, 06/24/2010 - 23:18
User Badges:

hello,

The ASA 5505 didnt accept these commands:

"debug snmp event"

"debug snmp error"

"debug snmp packet"

Instead, it accepts only "debug snmp" command.

i hit this command in my machine but still it is not showing any error

messages.

what can be done now?


Regards,

Nisha



On Thu, Jun 24, 2010 at 12:11 PM, yucelbasoglu <

yucelbasoglu Fri, 06/25/2010 - 02:02
User Badges:

ok,


Please read the this document about ASA SNMP Configuration Example.


http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a13.shtml


And,


Please try floowing configuration,


I hope I could help,


Regards,



Issue these commands to permit polling/queries and traps in the PIX:

snmp-server host #.#.#.#

!--- IP address of the host allowed to poll
!--- and where to send traps.

snmp-server community <whatever>
snmp-server enable traps

PIX Software Versions 6.0.x and later allow more granularity with regard to traps and queries.

snmp-server host #.#.#.#

!--- The host is to be sent traps and can query.

snmp-server host #.#.#.# trap 

!--- The host is to be sent traps and cannot query.

snmp-server host #.#.#.# poll 

!--- The host can query but is not to be sent traps.

PIX/ASA Software Versions 7.x allow more granularity with regard to traps and queries.

hostname(config)#snmp-server host   trap community 

!--- The host is to be sent traps and cannot query 
!--- with community string specified.

hostname(config)#snmp-server host   poll community 

!--- The host can query but is not to be sent traps 
!--- with community string specified.

Note: Specify trap or poll if you want to limit the NMS to receiving traps only or browsing (polling) only. By default, the NMS can use both functions.

SNMP traps are sent on UDP port 162 by default. You can change the port number with the udp-port keyword.

nisha.timilsina Sun, 06/27/2010 - 23:50
User Badges:

hello,

i already hit these commands. still it is not working.


On Fri, Jun 25, 2010 at 2:47 PM, yucelbasoglu <

Actions

This Discussion