Solved: SNMP feature configuration || firepower 2110

SURAJPRAKASH3832 · ‎06-30-2019

I have firepower 2110 firewall & it is running with FTD IOS & managed locally FDM. I would like to configure SNMP to monitor Firewall in Network monitoring system but I could find any option in firepower 2110 in FDM to configure SNMP feature.

Could you please let us know how can I configure SNMP feature in Firepower 2110 by FDM. Could you please provide me command line guide for FTD.

Marvin Rhoads · ‎07-01-2019

You have to use Flexconfig to configure SNMP on an FDM-managed Firepower 2100 series appliance running FTD (as of the current 6.4 release).

There is an example here:

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/fdm/fptd-fdm-config-guide-640/fptd-fdm-advanced.html

With FMC you configure SNMP using platform settings.

Either way, FTD devices aren't very SNMP-friendly. That is, they don't expose a lot of information via SNMP.

View solution in original post

Marvin Rhoads · ‎07-01-2019

You have to use Flexconfig to configure SNMP on an FDM-managed Firepower 2100 series appliance running FTD (as of the current 6.4 release).

There is an example here:

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/fdm/fptd-fdm-config-guide-640/fptd-fdm-advanced.html

With FMC you configure SNMP using platform settings.

Either way, FTD devices aren't very SNMP-friendly. That is, they don't expose a lot of information via SNMP.

SURAJPRAKASH3832 · ‎07-01-2019

I have Configured by Flexconfig command line SNMP feaure

snmp-server enable
snmp-server host inside1_8 Firewall-IP poll community private version 2c
snmp-server community private
snmp-server contact Sample
snmp-server location HQ

Firewall-IP with the IP address of the NMS Server. But still could not able to monitor it.

I followed step as mentioned below.

From the top navigation, click Device.
Scroll down to locate Advanced Configuration.
Click View Configuration.
From the side navigation, click FlexConfig Objects.
Click the add icon () to add an object.
Enter the name of SNMP-Server.

Enter the following detail in the Template field.

snmp-server enable
snmp-server host inside1_8 NMS Server_IP poll community private version 2c
snmp-server community private
snmp-server contact Sample
snmp-server location HQ

Enter the following detail in the Negate Template field.

no snmp-server enable
no snmp-server host inside1_8 NMSServer_IP poll community private version 2c
no snmp-server community private
no snmp-server contact Sample
no snmp-server location HQ

Clicked OK

From the top navigation, click the Deployment Summary icon ().
Click Deploy Now. The deployment can take several minutes to complete.

But still could not able to monitor Firewall in NMS Server by SNMP feature.

SURAJPRAKASH3832 · ‎07-01-2019

I followed below mentioned link to configure SNMP. But could not able to monitor it.

https://support.auvik.com/hc/en-us/articles/360029574552-How-to-enable-SNMP-on-a-Cisco-ASA-with-Firepower-Threat-Defense

Marvin Rhoads · ‎07-01-2019

@SURAJPRAKASH3832 wrote:

I followed below mentioned link to configure SNMP. But could not able to monitor it.

Are you querying a data interface or the management interface?

What errors are you seeing?

Have you tried capturing the traffic and seeing what the issue might be?

SURAJPRAKASH3832 · ‎07-02-2019

Thanks for your valuable suggestion, now I can able to monitor it.

leonardohutapea6656 · ‎07-11-2019

So, What Configuration Script command, what should be change, i get same issue

Fabio Semperboni · ‎09-14-2020

Hi, if you are interested, I wrote an article regarding SNMP and FDM.

https://www.ciscozine.com/configure-snmp-firepower-fdm/