
CSCvt97205 - SNMPPOLL/SNMPTRAP to remote end (site-to-site vpn) ASA interface fails on ASA 9.14.1

Jose Anda
Level 1

Hello,

Can anyone please confirm if this bug is resolved in 9.15.1? I am running an ASA5516x - 9.15.1 and we are still not able to poll SNMP from the ASA over the s2s VPN tunnel.

17 Replies

I don't think it is going to be fixed the way you want it to. It's a
feature. It is by design.

alexhunter
Level 1

This is unfortunately now by design of the software, I believe. We ended up implementing the workaround/new design and it does work; it just means you need to poll SNMP via the outside interface where your VPN peers to from, and amend the access lists at both ends to make sure the interesting traffic includes the outside addresses. This might explain it better: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvt97205
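
A sketch of the workaround described in the reply above, added here as an illustration; it is not configuration posted in the thread or taken from the Cisco bug page. The ACL name `S2S-CRYPTO`, the NMS address 10.10.10.50, the remote outside address 203.0.113.2 and the community placeholder are all constructed for the example.

```cisco
! --- Remote ASA (the device being polled) ---
! Constructed values: outside IP 203.0.113.2, NMS 10.10.10.50.
! S2S-CRYPTO is a hypothetical name; use the ACL your crypto map already references.

! Add the ASA's own outside address to the interesting traffic for the tunnel
access-list S2S-CRYPTO extended permit ip host 203.0.113.2 host 10.10.10.50

! Allow the NMS as an SNMP host on the outside interface instead of inside
snmp-server host outside 10.10.10.50 community <community-string> version 2c

! --- Head-end ASA (NMS side) ---
! Mirror entry so NMS traffic to the remote outside address enters the tunnel
access-list S2S-CRYPTO extended permit ip host 10.10.10.50 host 203.0.113.2

! If the NMS is normally translated on its way out of the head-end, this flow
! also needs a NAT exemption (not shown), otherwise it will not match the ACL.
```

The NMS then polls 203.0.113.2 rather than the remote inside address. Keeping both crypto ACL entries as host-to-host limits what the tunnel exposes on the outside address to the single monitoring station.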

The workaround will "work," but creates some other problems, and of course bloats your configs. As of 9.18(2), it's possible to add a loopback interface to handle the management functions through VPN. Not complete yet, but it's a start. Seems to work well on my production units. ASDM doesn't work towards the lo interface though, so if you're a GUI guy, you'll probably have to wait.