Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SNMP and PIX ver. 7.x question.

Hi all,

I have question related to downloading

configuration of PIX with snmp protocol.

Iv configured support of snmp on our PIX

but when I want to download config I see

that I have only RO access.

Is it possible to have RW access to PIX and which MIBs should I compile to be able download config from PIX?

Thanks a lot for help in advance.

BR.

jl

5 REPLIES
New Member

Re: SNMP and PIX ver. 7.x question.

To my knowledge PIX doesn't support RW access because it considers it a security risk. Use open source tool RANCID for config backup. It works across SSH and uses "write term" command to capture the config.

New Member

Re: SNMP and PIX ver. 7.x question.

Hi jl

the PIX doesn't provide SNMP write access for sure, it only provides SNMP read and trap access, so I am sorry but there is no way to have SNMP write access :)

check the following link:

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_70/config/trouble.htm#wp1042029

Kindest Regards,

Shadi`

New Member

Re: SNMP and PIX ver. 7.x question.

Hi all,

now Im really unhappy. Iv installed

a new free monitoring tool and I can

download to database config from our

switches. But PIX config no.

Ill try to install RANCID.

Do you know some other similar tool like RACID?

Or is it the best?

When I want to browse MIB I use GetIF.

Thanks a lot for advice.

BR

jl

New Member

Re: SNMP and PIX ver. 7.x question.

It's not disappointing at all mate ... I would be really disappointed if the PIX did support RW SNMP ...

SNMP is not a secure protocol and using it to write to a security appliance is mad ... Cisco did the right thing ...

Cheers.

S.

New Member

Re: SNMP and PIX ver. 7.x question.

what makes you thing that SNMP is not a secure

protocol? Have you ever used SNMP version 3?

Cisco should make snmp version 3 available on

security appliance and let the market decides.

Nokia/CP and Juniper firewalls have snmp version

3 available on their firewalls for years.

David

CCIE Security

157
Views
0
Helpful
5
Replies
CreatePlease login to create content