
PIX blasting SNMP packets

jason.aarons
Level 1

I see in the OpenView NNM Alarm Browser that PIX firewalls are hammering NNM with SNMP traps about connections (show conn). This is overloading NNM. I propose the following change to stop trapping to NNM, but allow polling only:

BCBS-Pix515# show snmp

snmp-server host inside 10.10.254.233

snmp-server enable traps

BCBS-Pix515# config t

BCBS-Pix515(config)# snmp-server host inside 10.20.254.233 poll

BCBS-Pix515(config)#

!--- The host can query but is not to be sent traps.

Reference:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094a13.shtml

I'd still like to get traps, just not the connection entries. Is there a better way?


sachinraja
Level 9

How about enabling logging through the syslog service on the PIX? This will give you all the logging messages, and they are sent to the particular server specified. You can use the following commands:

logging host inside 10.10.254.233 tcp/1468 (depends)

logging facility 3 (can be from 0 - 7)

logging trap 3 (0 - 7 level)

This will send traps to the server specified. The other command will poll the traffic.

You can refer to the command reference of the PIX 6.3, where you can find options for logging:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_command_reference_chapter09186a00801727a9.html#wp1028090

Hope this helps. All the best.

Raj
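
Added example, not part of the original thread or either poster's configuration: a short Python script that models the severity threshold set by the "logging trap 3" line in the reply above, reading the %PIX-<severity>-<id> tag on each syslog line to show which messages a given level would forward and which it would drop. The log lines are constructed samples, and the names split_by_trap_level and summarize are hypothetical.

```python
import re
from collections import Counter

# PIX syslog tag: %PIX-<severity 0-7>-<message id>:
PIX_TAG = re.compile(r"%PIX-(?P<sev>[0-7])-(?P<msgid>\d+):")

# Constructed sample capture; addresses, counters and text are illustrative.
SAMPLE_LOG = """\
Mar 01 2005 10:00:01: %PIX-6-302013: Built outbound TCP connection 101 for outside:192.0.2.10/80 to inside:10.10.1.5/1025
Mar 01 2005 10:00:02: %PIX-6-302014: Teardown TCP connection 101 duration 0:00:01 bytes 512
Mar 01 2005 10:00:03: %PIX-6-302013: Built outbound TCP connection 102 for outside:192.0.2.10/80 to inside:10.10.1.6/1026
Mar 01 2005 10:00:04: %PIX-4-106023: Deny tcp src outside:198.51.100.7/4000 dst inside:10.10.1.5/23 by access-group "acl_out"
Mar 01 2005 10:00:05: %PIX-2-106001: Inbound TCP connection denied from 198.51.100.7/4001 to 10.10.1.5/22 flags SYN on interface outside
Mar 01 2005 10:00:06: %PIX-3-201008: The PIX is disallowing new connections.
Mar 01 2005 10:00:07: line without a PIX tag is ignored
"""

def split_by_trap_level(log_text, trap_level):
    """Return (forwarded, suppressed) Counters of message IDs.

    A message is forwarded when its severity number is <= trap_level,
    which is how a level such as "logging trap 3" selects messages.
    """
    if not 0 <= trap_level <= 7:
        raise ValueError("trap level must be 0-7")
    forwarded, suppressed = Counter(), Counter()
    for line in log_text.splitlines():
        match = PIX_TAG.search(line)
        if match is None:
            continue  # not a PIX message; skip rather than guess
        bucket = forwarded if int(match["sev"]) <= trap_level else suppressed
        bucket[match["msgid"]] += 1
    return forwarded, suppressed

def summarize(log_text, trap_level):
    """Return message totals and the three most frequent suppressed IDs."""
    forwarded, suppressed = split_by_trap_level(log_text, trap_level)
    return {
        "forwarded": sum(forwarded.values()),
        "suppressed": sum(suppressed.values()),
        "top_suppressed": suppressed.most_common(3),
    }

if __name__ == "__main__":
    for level in (3, 6):
        print(level, summarize(SAMPLE_LOG, level))
```

Running it over a real capture before changing the level shows how much of the volume comes from severity-6 connection messages and which message IDs would stop arriving.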
