I must be missing something in the config as this is happening on multiple ASA's. I have the following config in place and not receiving any traps on our management servers. I don't even see the Trap PDU's increasing in the snmp-server statistics. Any suggestions and advice is much appreciated.
snmp-server host inside 10.235.42.38 community ****
snmp-server host inside 10.236.32.34 community ****
snmp-server host inside 10.236.36.34 community ****
snmp-server host inside 10.236.43.34 community ****
I did put this command in but I believe it's already on by default as you will only see the "no snmp-server enable" listed in the running config. Either way were still not getting or sending traps from these firewalls. Any other suggestions?
Are you able to ping the snmp servers from the firewall? Is the snmp server subnet directly connected to the firewall, or multiple hops away? Another thing to note is between the ASA and the snmp servers, are there any other firewall, or ACL that might be blocking the snmp traps?
If you run packet capture on the ASA firewall inside interface, are you seeing the snmp traps being sent out?
Lastly, what does the output of "show snmp-server statistics" show?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...