Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA IPSec traps

Hi,

I'm trying to report on meaningful IPSecTunnelStop/Start traps from our ASA5540 & 5580 so our nms can report more indepth tunnel alerts. As far as I can see, the correct MIB (CISCO-IPSEC-FLOW-MONITOR-MIB.my) is loaded on our nms (Zenoss).  But, when we initiate a tunnel drop we receive a trap from the ASA that the NMS doesn't know, so classes the trap as 'Unknown' :

Resource:<dev name>
Component:
Event Class:/Unknown
Status:New
Message:snmp trap ciscoMgmt.171.2.8

The trap we should be seeing when the tunnel drops, or at least what's in the IPSEC-FLOW mib is ciscoMgmt.171.2.0.8 :

http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInput=1.3.6.1.4.1.9.9.171.2.0.8

I've been unsucessful in finding these 171.2.0.x OIDs, does anyone have any idea why the ASA would be sending these traps?

The ASAs are running 8.2(5)

Thanks

sjones

Everyone's tags (3)
1 REPLY
New Member

ASA IPSec traps

Is it possible that the trap is being sourced from a different interface on the ASA than the one by which your NMS "knows" the ASA ?

314
Views
0
Helpful
1
Replies