cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
404
Views
2
Helpful
2
Replies

Monitoring using UnifiedFirewall-MIB ASA/Pix v7.2x

STEFFEN NEUSER
Level 4
Level 4

We want to monitor ASA and Pix'es. Studiing supported MIB's we found out, that usefull resource metrics worth to be monitored are only be specified at the Cisco-Unified-Firewall-MIB, that should be supported beginning from v7.2.

Probing v7.2x productive devices using snmpwalk we also found out, that just less than 5% of the OID's from the Cisco-Unified-Firewall-MIB are supported from the devices and most of this fiew OID's shows just 0.

Q:

1. Are their activation commands necesssary at ASA or Pix, so that the v7.2x devices drives that OID's?

2. Is Cisco-UnifiedFirewall-MIB just at experimental state?

3. can we expect more with supporting of Cisco-UnifiedFirewall-MIB?

thx for answers, Steffen

2 Replies 2

Farrukh Haroon
VIP Alumni
VIP Alumni

This is the official word:

ftp://ftp-sj.cisco.com/pub/mibs/supportlists/asa/asa-supportlist.html

"CISCO-UNIFIED-FIREWALL-MIB.my Limited support for objects under cuFwConnectionGrp and cuFwUrlFilterGrp. "

Please rate helpful posts.

Regards

Farrukh

thx for answer. OK, now I understand: we must read it in this manner "Limited support for objects under cuFwConnectionGrp and cuFwUrlFilterGrp." and "all other groups not".

cuFwUrlFilterGrp is supported very well in real, but we don't need it.

cuFwConnectionGrp (almost nothing is supported there) and some other groups specified in this MIB would be very helpful, to can monitor firewalling issue's.

The aim was to reach an ADSM like monitoring, but real historical and centralized.

Steffen

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: