cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2759
Views
0
Helpful
2
Replies

Allow SNMP via Management Interface

johnlloyd_13
Level 9
Level 9

hi all,

i've configured a new 5525-X and SSH/TACACS+ is fine.

i can't seem to make SNMP work and can't add the ASA in solarwinds NPM.

i can ping the SNMP polling server and PT result was ok.

can someone please advise? is SNMP allowed on the ASA MGMT interface?

 

# sh run | i snmp
snmp-server host management 10.111.0.26 community ***** version 2c

# ping management 10.111.0.26
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.111.0.26, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 210/212/220 ms


# packet-tracer input management udp 10.111.0.26 161 172.27.0.124 161

Phase: 1
Type: ROUTE-LOOKUP
Subtype: input
Result: ALLOW
Config:
Additional Information:
in   172.27.0.124    255.255.255.255 identity

Phase: 2
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:

Phase: 3
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:

Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:

Phase: 5
Type: CLUSTER-REDIRECT
Subtype: cluster-redirect
Result: ALLOW
Config:
Additional Information:

Phase: 6
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 190, packet dispatched to next module

Result:
input-interface: management
input-status: up
input-line-status: up
output-interface: NP Identity Ifc
output-status: up
output-line-status: up
Action: allow

 

access-list MGMT extended permit icmp any any time-exceeded
access-list MGMT extended permit icmp any any unreachable
access-list MGMT extended permit tcp host <SSH NMS> host 172.27.0.124 eq ssh

access-group MGMT in interface management

route management 10.111.0.0 255.255.255.0 172.27.0.121

 

2 Replies 2