10-18-2005 04:02 AM - edited 02-21-2020 12:28 AM
Hi All,
I've just installed SNMPc (6) and discovered various parts of the network.
When Polling the PIX firewalls (running ver 6.3x) the inside interface responds but the DMZ interfaces and the outside interface don't.
They are being polled using status variable "RFC1213-MIB|ifOperStatus.6"
and OID CISCO-SMI|ciscoProducts.451
There doesn't seem to be much in the way of MIBs for the PIX's but I'd have thought you could get the intefaces status.
The SNMPc box sits on the inside network
any ideas?
Thanks
10-19-2005 02:24 AM
Here is the link where you can find the MIB for the PIX.
Using SNMP with the Cisco Secure PIX Firewall:
http://www.cisco.com/warp/public/110/pixsnmp.html#mibsupportbyversion
sincerely
Patrick
10-26-2005 07:23 AM
Patrick thanks for the reply but it didn't address my question
10-27-2005 07:48 AM
Have you read the whitepaper and have you tryed with the CISCO-PROCESS-MIB-V1SMI.my MIB.
I never used CastleRock but it works without problem for MRTG and Solarwinds and I have never had troubles to get all interface stats.
I thought it might be problem with the MIB that you are using that might use the wrong OID.
PIX Firewall Software Versions 6.2.x and later: Previous MIBs and CISCO-PROCESS-MIB-V1SMI.my.
Note: The supported section of the PROCESS MIB is the cpmCPUTotalTable branch of the cpmCPU branch of the ciscoProcessMIBObjects branch. There is no support for the ciscoProcessMIBNotifications branch, ciscoProcessMIBconformance branch, or the two tables, cpmProcessTable and cpmProcessExtTable, in the cpmProcess branch of the ciscoProcessMIBObjects branch of the MIB
:-(
10-31-2005 02:28 AM
Thanks again for your assistance Patrick.
I managed to figure out the problem... SNMPc was trying to poll the IP addresses of the interfaces to get SNMP info. e.g to get the status of the oputside interface it polled the outside interface IP and got no response. I modified the program use the inside interface to gather SNMP info for all the intefaces and if works fine. (hope that makes sense)
Regards
David
10-29-2005 06:55 AM
Hi,
Surelly I'm worng, but I remember that you cann't access (ping, telnet, snmp) to a PIX ussing a remote interface.
YOU--- outside-PIX-inside.
You can use ping/snmp to the outside interface (nearest interface to you), but you can do it to inside.
Hope this help ( and sorry by my english).
Juan.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: