Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1449
Views
0
Helpful
7
Replies

SNMP - Query inside interface from Outside

julian
Level 1
Level 1

‎08-05-2005 02:51 PM - edited ‎02-21-2020 12:18 AM

Anyone come across this one?

I have a network monitoring station in my DMZ that monitors devices at a customer site. I can see all the internal devices fine (using SNMP polling over the VPN tunnel we have created to the site).

I want to SNMP query the Pix itself, on its internal interface, but i get no response. I guess its something to do with the VPN, but I CAN ping the internal interface of the remote Pix over the VPN, so i don't know why SNMP won't work.

For obvious reasons, I do not want to enable SNMP on the Pix's external interface.

Anyone point me in the right direction on this?

Julian

0 Helpful
7 Replies 7

acrophile
Level 1
Level 1

‎08-23-2005 02:00 PM

I'm having the same issue.. can anyone pitch in with a fix? :).

0 Helpful

julian
Level 1
Level 1
In response to acrophile

‎08-23-2005 03:56 PM

Never mind : )

Fixed it, but you would not believe how i did it!

I had to create two SNMP-SERVER host's with the same IP address for BOTH the internal AND the external interfaces...

e.g.

snmp-server host outside xxx.xxx.xxx.xxx community public

snmp-server host inside xxx.xxx.xxx.xxx community public

(where xxx.xxx.xxx.xxx) is the external SNMP Trap recipient / SNMP query server).

It 'kind' of makes sense, although in a warped and twisted way... thankyou Cisco!

Julian

0 Helpful

acrophile
Level 1
Level 1
In response to julian

‎08-23-2005 06:10 PM

my problem is a little different I guess... I have two sites, each with a router & pix... the vpn is setup between the two pix's... I want to hit the inward facing interface on one router from the internal network of the other office over the vpn...

it's driving me crazy :)

0 Helpful

julian
Level 1
Level 1
In response to acrophile

‎08-24-2005 02:43 AM

If i interpret this correctly, are you saying that you want to monitor the internal interface of Router B (from the internal network) behind Pix A and Router A?

I presume that all interfaces on the Routers have public IP addresses?

0 Helpful

mostiguy
Level 6
Level 6
In response to julian

‎08-26-2005 03:41 AM

On PIXen, look at the management-access command. It is designed for you to set up a non outside interface as being accessible for remote monitoring setups.

0 Helpful

julian
Level 1
Level 1
In response to mostiguy

‎08-26-2005 06:52 AM

Ah, but isn't he trying to monitor the router inside interface, not the Pix management interface?

Julian

0 Helpful

acrophile
Level 1
Level 1
In response to julian

‎08-29-2005 10:29 AM

correct

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card