03-15-2006 07:32 AM
Does anyone know if the following is implying that the only way to receive PIX failover notification via SNMP is to send syslogs as SNMP traps?
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/config/failover.htm
"To receive SNMP syslog traps (SNMP failover traps), configure the SNMP agent to send SNMP traps to SNMP management stations, define a syslog host, and compile the Cisco syslog MIB into your SNMP management station. See the snmp-server and logging command in the Cisco PIX Firewall Command Reference for more information."
Had a stateful failover between two PIXes recently, a syslog was received, but no SNMP trap. "snmp-server enable traps" is configured.
03-21-2006 08:36 AM
You need to have the "logging history debug" command to generate all standard and syslog traps
Refer to 'Configuring PIX 5.1 and Later for a Subset of Traps' section of
03-22-2006 09:12 AM
We have this config:
logging history errors
snmp-server enable traps
The way I read that doc, even "logging history alert" should have gotten us a failover trap, should it not?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide