Solved: Re: FPR-1140 enable diagnostic interface to monitor VPN sessions via SNMP

fhk-cwempe · ‎03-18-2020

I ahve a similar issue like in this post:

https://community.cisco.com/t5/network-security/firepower-anyconnect-vpn-sessions-snmp-monitoring/td-p/4027436

I want to monitor the amount of current vpn sessions via snmp.

But the interesting OIDs are not present when I snmpwalk on the management interface for our new Firepower 1140.

This worked for our ASA 5540 devices.

According to the above mentioned post, I need to enable the diagnostic interface of the Firepower device.

But I donw't know how exactly.

I configured the device with ASDM and there is no such interface.

I connected to the firepower CLI ("connect fxos admin"), but I see no caommand that would help me enable the interface.

Other documentations show a web interface for the powerpower part of the device.

But When I go to the management IP of the device with my browser I see the ASA webpage.

Marvin Rhoads · ‎03-18-2020

The discussion you referenced is specifically for FTD. Are you running ASA image on your Firepower 1140? If so, then you don't use the diagnostic interface. Instead use the ASA logical device management interface.

View solution in original post

Marvin Rhoads · ‎03-18-2020

The discussion you referenced is specifically for FTD. Are you running ASA image on your Firepower 1140? If so, then you don't use the diagnostic interface. Instead use the ASA logical device management interface.

fhk-cwempe · ‎03-19-2020

Thanks.

That helped my to look in a different direction and I found the problem to be my fault. :)

It is working now.