Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Castlerock SNMPc - And PIX Firewalls

Hi All,

I've just installed SNMPc (6) and discovered various parts of the network.

When Polling the PIX firewalls (running ver 6.3x) the inside interface responds but the DMZ interfaces and the outside interface don't.

They are being polled using status variable "RFC1213-MIB|ifOperStatus.6"

and OID CISCO-SMI|ciscoProducts.451

There doesn't seem to be much in the way of MIBs for the PIX's but I'd have thought you could get the intefaces status.

The SNMPc box sits on the inside network

any ideas?

Thanks

  • Other Security Subjects
5 REPLIES

Re: Castlerock SNMPc - And PIX Firewalls

Here is the link where you can find the MIB for the PIX.

Using SNMP with the Cisco Secure PIX Firewall:

http://www.cisco.com/warp/public/110/pixsnmp.html#mibsupportbyversion

sincerely

Patrick

New Member

Re: Castlerock SNMPc - And PIX Firewalls

Patrick thanks for the reply but it didn't address my question

Re: Castlerock SNMPc - And PIX Firewalls

Have you read the whitepaper and have you tryed with the CISCO-PROCESS-MIB-V1SMI.my MIB.

I never used CastleRock but it works without problem for MRTG and Solarwinds and I have never had troubles to get all interface stats.

I thought it might be problem with the MIB that you are using that might use the wrong OID.

PIX Firewall Software Versions 6.2.x and later: Previous MIBs and CISCO-PROCESS-MIB-V1SMI.my.

Note: The supported section of the PROCESS MIB is the cpmCPUTotalTable branch of the cpmCPU branch of the ciscoProcessMIBObjects branch. There is no support for the ciscoProcessMIBNotifications branch, ciscoProcessMIBconformance branch, or the two tables, cpmProcessTable and cpmProcessExtTable, in the cpmProcess branch of the ciscoProcessMIBObjects branch of the MIB

:-(

New Member

Re: Castlerock SNMPc - And PIX Firewalls

Thanks again for your assistance Patrick.

I managed to figure out the problem... SNMPc was trying to poll the IP addresses of the interfaces to get SNMP info. e.g to get the status of the oputside interface it polled the outside interface IP and got no response. I modified the program use the inside interface to gather SNMP info for all the intefaces and if works fine. (hope that makes sense)

Regards

David

New Member

Re: Castlerock SNMPc - And PIX Firewalls

Hi,

Surelly I'm worng, but I remember that you cann't access (ping, telnet, snmp) to a PIX ussing a remote interface.

YOU--- outside-PIX-inside.

You can use ping/snmp to the outside interface (nearest interface to you), but you can do it to inside.

Hope this help ( and sorry by my english).

Juan.

206
Views
5
Helpful
5
Replies
This widget could not be displayed.