PIX SNMP has 2 portions, generic traps and security-related events sent via the Cisco syslog MIB.

a. Generic traps - Link up and link down, Cold start & authentication failure (mismatched community string)

b. Security-related events sent via the Cisco syslog MIB - Global access denied, Failover syslog messages & Syslog messages

For you to get the failover snmp message, you have to add/enable the syslog for logging history. This is because generic snmp traps does not include failover messages.

It is included under syslog messages.

Therefore, beside the common snmp parameters, i.e:

snmp-server host 192.168.1.10

snmp-server location Data Center, 2nd Flr

snmp-server contact NetAdmin (admin@abc.com)

snmp-server community secretkey

snmp-server enable traps

Add 2 things:

1. # logging on ---> enable logging

2. # logging history debugging -----> or set lower level, i.e informational

* logging history command sets the severity level for SNMP syslog messages

When failover occur, you should get the failover-related messages.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172797.html#wp1091257

HTH

AK