https://community.cisco.com/t5/network-security/pix-and-snmp-traps/m-p/397607#M698257 <P>I see in the OpenView NNM Alarm Browser that PIX firewalls are hammering NNM with snmp traps about connections (show conn). This is overloading NNM. I propose the following change to stop trapping to NNM, but allow polling only;</P><P></P><P>BCBS-Pix515# show snmp</P><P>snmp-server host inside 10.10.254.233</P><P>snmp-server enable traps</P><P>BCBS-Pix515# config t</P><P>BCBS-Pix515(config)# snmp-server host inside 10.20.254.233 poll</P><P>BCBS-Pix515(config)#</P><P>!--- The host can query but is not to be sent traps.</P><P></P><P>Reference;</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a13.shtml" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a13.shtml</A></P><P></P><P>I'd still like to get traps, just not the connection entries, is there a better way?</P> Fri, 21 Feb 2020 07:52:44 GMT jason.aarons 2020-02-21T07:52:44Z https://community.cisco.com/t5/network-security/pix-and-snmp-traps/m-p/397607#M698257 <P>I see in the OpenView NNM Alarm Browser that PIX firewalls are hammering NNM with snmp traps about connections (show conn). This is overloading NNM. I propose the following change to stop trapping to NNM, but allow polling only;</P><P></P><P>BCBS-Pix515# show snmp</P><P>snmp-server host inside 10.10.254.233</P><P>snmp-server enable traps</P><P>BCBS-Pix515# config t</P><P>BCBS-Pix515(config)# snmp-server host inside 10.20.254.233 poll</P><P>BCBS-Pix515(config)#</P><P>!--- The host can query but is not to be sent traps.</P><P></P><P>Reference;</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a13.shtml" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a13.shtml</A></P><P></P><P>I'd still like to get traps, just not the connection entries, is there a better way?</P> Fri, 21 Feb 2020 07:52:44 GMT https://community.cisco.com/t5/network-security/pix-and-snmp-traps/m-p/397607#M698257 jason.aarons 2020-02-21T07:52:44Z https://community.cisco.com/t5/network-security/pix-and-snmp-traps/m-p/397608#M698258 <HTML><HEAD></HEAD><BODY><P>You can turn off logging for just that particular message, something like:</P><P><B></B></P><P>no logging message 302015</P><P>no logging message 302013</P><P></P><P>should get the TCP and UDP connection syslogs. If there's another particular message that you're seeing a lot of, just add the above commands, the message number is the first number in the line. For example:</P><P></P><P>%PIX-6-<B>302015</B>: Built outbound UDP connection number for 10.1.1.1 to 200.1.1.1</P></BODY></HTML> Tue, 18 Jan 2005 22:49:18 GMT https://community.cisco.com/t5/network-security/pix-and-snmp-traps/m-p/397608#M698258 gfullage 2005-01-18T22:49:18Z https://community.cisco.com/t5/network-security/pix-and-snmp-traps/m-p/397609#M698259 <HTML><HEAD></HEAD><BODY><P>I don't want to disable syslog, but rather SNMP.</P></BODY></HTML> Wed, 19 Jan 2005 00:41:41 GMT https://community.cisco.com/t5/network-security/pix-and-snmp-traps/m-p/397609#M698259 jason.aarons 2005-01-19T00:41:41Z