Solved: CSS SNMP Trap for Firewall VRRP issue

s.srivas · ‎01-14-2005

Is there a way to genarate trap from CSS for Firewall (Not PIX) VRRP problem.

Similar to the existing service traps

(snmp trap-type enterprise service-transition

)

Gilles Dufour · ‎01-17-2005

the suggestion applies to vrrp as well.

In this case, you can configure the phyiscal ip address if you want to monitor each firewall individually or the VRRP/shared ip address if you just want to monitor the firewalls as a single entity.

Gilles.

View solution in original post

Gilles Dufour · ‎01-14-2005

not sure what you need exactly.

Are you doing firewall loadbalancing and are you looking for a trop when a firewall goes down ?

Or is your firewall simple the default gateway for the CSS and you want to detect when it goes down or switchover ?

One suggestion would be to create a service for the firewall ip address you want to monitor.

This service will have an icmp keepalive by default and if the firewall goes down, the css will generate a trap for the service going down.

Thanks,

Gilles.

s.srivas · ‎01-14-2005

Gilles,

Thanks for the very useful replies.

Yes we are doing firewall loadbalancing in some networks while using simple firewalls on other networks.

What is a trop?

Is your suggestion to create a service applicable to vrrp (Load balancing).

Regards

Gilles Dufour · ‎01-17-2005

the suggestion applies to vrrp as well.

In this case, you can configure the phyiscal ip address if you want to monitor each firewall individually or the VRRP/shared ip address if you just want to monitor the firewalls as a single entity.

Gilles.