cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
309
Views
10
Helpful
4
Replies

SNMP Stats on PIX OS 7.0

scheikhnajib
Level 1
Level 1

Hi,

I have a PIX 515E-UR running PIX OS 7.0 with VLAN interfaces configured on this unit where each VLAN is representing a client.

When collecting bandwidth stats for the VLAN interfaces using SNMP I'm getting really ridiculous figures; the results are at least 10 times the real traffic.

I didn't have this problem before upgrading the OS on the PIX unit.

Any ideas ???

Salem.

4 Replies 4

scheikhnajib
Level 1
Level 1

Hi,

I have found a hint that might help. All packet and byte counters for all VLAN interfaces are the same as the physical interface. It seems that the correct counts that respresent the "inside" interface are replicated over all logical VLAN interfaces without taking into consideration each interface traffic independently.

Still Lost ...

Salem.

Hi Salem,

I am having the same problem with a firewall which has been upgraded from 6.3 to 7.0(1) All VLAN interfaces are returning the interface statistics from the physical interface. Under 6.3 all VLANs returned individual statistics. The SNMP utility identifies the VLAN interfaces correctly. ThereforeI suspect something has changed in the SNMP implementation in 7.0(1) but I don't know how to go about investigating further.

I wish I could help more, but it may be useful to include details of the setups. This might help to eliminate potential issues, or highlight others.

Our setup is as follows:

PIX 515 running 7.0(1)

6 physical interfaces, one of these has 4 VLANs configured.

Collecting and graphing statistics using Cacti 0.8.5 running on RH9. I was considering upgrading Cacti, but I'm holding off because I feel the issue is more likely to be with the PIX code.

I've checked open and closed cavaets for 7.0(X) but can't see anything relevant.

Any thoughts anyone?

Hi Mate,

After wasting days and hours, it was a bug in OS 7.0(1); thanks God we had a support contract for this specific unit and Cisco TAC investigated the issue and returned saying that this is an "internal" bug and it is not reported in the bug list for each release.

You need to upgade to PIX OS 7.0(4) and also you can have the ASDM 5.0(4).

I have upgraded my unit and MRTG is showing non-CRAZY figures again ... ;-)

Hope this helps ...

Salem.

Thanks Salem,

I'll upgrade to 7.0(4). I was sure it was a bug!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: