06-22-2006 05:24 PM - edited 02-21-2020 02:29 PM
I have a pix in the UK that connects via the internet to a VPN concentraiter in Aus.
I have a network monitoring box in AUS that I want to poll the PIX in the UK.
The problem is that I want to monitor the internal interface of the pix, and have the traffic go via the ipsec tunnel.
So it looks like:
NMBox --FW--VPN CON--Internet--PIX-Inside
I can see the udp connection hit the pix in the logs, but it does not appear to return the traffic. The SNMP config off the pix is:
snmp-server host inside 1.1.1.1 poll
!
snmp-server community someDodgeySNMPstring
snmp-server enable traps
Any ideas would be most appreciated :)
Thanks
Solved! Go to Solution.
06-23-2006 12:06 AM
Daniel,
What you need to do is enable on your UK PIX management access (presuming your PIX code is 6.3+), for the inside interface i.e.
(in config mode)
management-access inside
Now if you ping the inside interface IP from Aus you'll get a reply from the PIX. BTW, you can also run PDM now too.
Hope this helps and pls rate posts! :)
Jay
06-22-2006 08:36 PM
hi,
Hope this link can solve your question.
06-23-2006 12:04 AM
I don't know about polling the inside interface over a VPN to the outside, but you can defintely monitor the outside interface. We NAT on the local (to the NMS) pix to make the addresses more convenient.
06-23-2006 12:06 AM
Daniel,
What you need to do is enable on your UK PIX management access (presuming your PIX code is 6.3+), for the inside interface i.e.
(in config mode)
management-access inside
Now if you ping the inside interface IP from Aus you'll get a reply from the PIX. BTW, you can also run PDM now too.
Hope this helps and pls rate posts! :)
Jay
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide