
How to sync AAA users with local SNMP cache on ASA firewalls for SNMP version 3

ssheorai
Level 1

Hi Team,

I have TACACS configured for central authentication to my ASA 5585 (8.4.2) firewalls. Now I want my polling server to use the same credential for SSH and other SNMP polling operations. How do I do that without configuring any local SNMP v3 user on the box? Please let me know if this is possible on ASA boxes. I know it's possible on Nexus 7000 and Nexus 5500 switches using a hidden command as below:

snmp-sync-password <username> <pass> <host_ip>

For Nexus switches, the polling server will use TACACS credentials for SSH and then push the above command on the switch. This will make the user credential synchronize in the local SNMP user cache for 1 hr, and the user can be seen when we execute the 'show snmp user' command.

So is there a way to do the same for ASA firewalls, and from which image version, as I have 8.4.2 version running on my customer's boxes?

Any help would be highly appreciated, else I will have to go on with SNMP v2 only. :(

Also, do we have separate RO and RW community strings on ASA for polling, as I could only find a single option to just configure a community string?

My mail id: ssheorai@cisco.com

1 Reply

Here is the configuration guide to configure SNMP on ASA:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/monitor.html.
