Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

SNMP Poll PIX Through VPN Tunnel

I have a pix in the UK that connects via the internet to a VPN concentraiter in Aus.

I have a network monitoring box in AUS that I want to poll the PIX in the UK.

The problem is that I want to monitor the internal interface of the pix, and have the traffic go via the ipsec tunnel.

So it looks like:

NMBox --FW--VPN CON--Internet--PIX-Inside

I can see the udp connection hit the pix in the logs, but it does not appear to return the traffic. The SNMP config off the pix is:

snmp-server host inside 1.1.1.1 poll

!

snmp-server community someDodgeySNMPstring

snmp-server enable traps

Any ideas would be most appreciated :)

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Gold

Re: SNMP Poll PIX Through VPN Tunnel

Daniel,

What you need to do is enable on your UK PIX management access (presuming your PIX code is 6.3+), for the inside interface i.e.

(in config mode)

management-access inside

Now if you ping the inside interface IP from Aus you'll get a reply from the PIX. BTW, you can also run PDM now too.

Hope this helps and pls rate posts! :)

Jay

3 REPLIES
New Member

Re: SNMP Poll PIX Through VPN Tunnel

Re: SNMP Poll PIX Through VPN Tunnel

I don't know about polling the inside interface over a VPN to the outside, but you can defintely monitor the outside interface. We NAT on the local (to the NMS) pix to make the addresses more convenient.

Gold

Re: SNMP Poll PIX Through VPN Tunnel

Daniel,

What you need to do is enable on your UK PIX management access (presuming your PIX code is 6.3+), for the inside interface i.e.

(in config mode)

management-access inside

Now if you ping the inside interface IP from Aus you'll get a reply from the PIX. BTW, you can also run PDM now too.

Hope this helps and pls rate posts! :)

Jay

229
Views
0
Helpful
3
Replies
CreatePlease to create content