Solved: Extracting the ARP table with SNMP from an FTD device

tgrundbacher · ‎12-01-2016

I'm trying to extract the ARP table from an (FMC-managed) FTD 6.1 device, yet I couldn't figure out how to do it. My customer has been doing this at location .1.3.6.1.2.1.4.22.1.2 with his McAfee Sidewinder firewalls I'm about to replace, but FTD doesn't respond to this.

Is there another way to do this? And is there an MIB file for FTD one can take as a reference? I couldn't find anything under ftp://ftp.cisco.com/pub/mibs/supportlists

Thanks for any hint

Toni

Oliver Kaiser · ‎12-03-2016

I have checked the MIBs and unfortunetly polling arp information via snmp is not possible. This limitation is also listed in the documentation here

The only workaround is parsing the show arp output using cli scrapping.

View solution in original post

Oliver Kaiser · ‎12-02-2016

Have you configured snmp access in your platform settings in Firepower Management Center? FTD should expose the same MIBs as ASA, since ASA code is still running in FTD which is configured for SNMP using the platform settings.

tgrundbacher · ‎12-02-2016

Thanks for your reply. I have enabled SNMP on both the FMC and the managed device (ASA5525) and I'm able to access different OIDs on both of them.

Oliver Kaiser · ‎12-03-2016

I have checked the MIBs and unfortunetly polling arp information via snmp is not possible. This limitation is also listed in the documentation here

The only workaround is parsing the show arp output using cli scrapping.

tgrundbacher · ‎12-04-2016

Thanks kaisero, I guess this makes it pretty clear then.