Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member



We have a monitoring tool at our host site. We need to be able to monitor

devices at a remote site that are not accessible directly from our host site. We have a router at the remote site that is accessible by the host site monitoring tool. The remote

router is able to access the remote device that we need to monitor. The desire is for an SNMP request to be requested by the host tool and for the remote router to receive the request and in turn direct to the devices internal to that remote router and return information to the tool at the host site. I am not sure if this is possible. If so what if anything needs to be configured on the remote router.


Cisco Employee

Re: Monitor

This kind of proxying is not supported by IOS. But what you might consider instead is a VPN tunnel which terminates on your remote router, and allows you to reach the remote devices. The advantage of this approach would be extra security.

That said, there is a feature coming in Embedded Event Manager 3.1 which will allow one to write policies to intercept SNMP messages. You could probably develop an application which would do what you want. EEM 3.1, however, is still a few months out at least.

Cisco Employee

Re: Monitor

I assumed you've already ruled out NAT as a possibility, but certainly if you could do static NAT on the remote router, that could work. That is, map the inside devices to externally reachable NAT'd addresses. There are some caveats when using SNMP though NAT, though. You will not see any of the IP addresses embedded in SNMP PDUs translated. They will all appear as if they were internal.

Community Member

Re: Monitor

Hi jclarke,

NAT would not work because of the limited number of public IP addresses.

I don't think VPN would work. We intentionally keep these on the “outside” of our network.

I think I read a little about EEM. From what I read it sounded as though it would perform an action based on traps which wouldn't work for us either.

Can you please suggest anything about proxy ping? I ran across this when searching for snmp proxy. It would be helpful to at least know when the devices are not reachable.


Cisco Employee

Re: Monitor

This you could do with IPM. That is, set up IP SLA ICMP echo collectors on your reachable remote router. Have those collectors ping the internal target devices. You can then run reports in IPM to look at latency and availability.

To do this, add the IP addresses of the internal devices as adhoc targets under IPM > Collector Mgmt > Devices. Then, go to Collectors, and add collectors choosing your remote router as a source, and the adhoc targets as targets. For operation, choose Echo > DefaultIpEcho.

There is another option using the CISCO-PING-MIB, but there are no hooks in LMS for configuring it, and I think using IPM might be a better solution for you.

CreatePlease to create content