Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Question about SNMP trap of Pix

Hello everyone,

Model:Pix 515-E x 2

(Active/Standby Failover)

OS version 6.3(5)

When Active Pix is downed and standby Pix changes Active, is SNMP trap sent?

If SNMP trap is sent,what trap is sent ?

Regards,

reiji

1 REPLY

Re: Question about SNMP trap of Pix

PIX SNMP has 2 portions, generic traps and security-related events sent via the Cisco syslog MIB.

a. Generic traps - Link up and link down, Cold start & authentication failure (mismatched community string)

b. Security-related events sent via the Cisco syslog MIB - Global access denied, Failover syslog messages & Syslog messages

For you to get the failover snmp message, you have to add/enable the syslog for logging history. This is because generic snmp traps does not include failover messages.

It is included under syslog messages.

Therefore, beside the common snmp parameters, i.e:

snmp-server host 192.168.1.10

snmp-server location Data Center, 2nd Flr

snmp-server contact NetAdmin (admin@abc.com)

snmp-server community secretkey

snmp-server enable traps

Add 2 things:

1. # logging on ---> enable logging

2. # logging history debugging -----> or set lower level, i.e informational

* logging history command sets the severity level for SNMP syslog messages

When failover occur, you should get the failover-related messages.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172797.html#wp1091257

HTH

AK

186
Views
0
Helpful
1
Replies
CreatePlease login to create content