07-25-2006 09:51 PM - edited 03-09-2019 03:42 PM
Hi,
Consider a situation in which ASA's outside interface with a security level of 0 is connected to the WAN router's ethernet interface.
Is it possible to send SNMP traps from this router to logging software residing on the ASA's inside interface with a security level of 100?
Any help will be greatly appreciated.
--Noman Bari
07-25-2006 10:29 PM
I assume router interface has Public IP and logging server has private IP...
So if you want to reach server from outside you need static mapping of server to some public IP
static (inside,outside) server_public_IP server_inside_IP netmask 255.255.255.255
and also permit SMTP traffic (snmp traps UDP 162) assume your outside ACL is named out
access-list out permit udp host router_IP host server_public_IP eq 162
M.
Hope that helps
07-25-2006 10:49 PM
Hi M.,
Thank you for helping out. Just to clearify, please inform what do you mean by " also permit SMTP traffic"...Do u mean SNMP traffic bcuz thatz what the 162 shows...
--Noman Bari
07-25-2006 11:02 PM
ahhh Sorry I meant SNMP traffic - SMTP is really not needed for SNMP traps :)))) Sorry for this mistake
07-25-2006 11:20 PM
Hi M.,
Thanx for clearing this out....Therez absolutely no need for u to say sorry here
:)...typo errors follow the Murphy's law... :) ...
--Noman
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: