Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1272
Views
15
Helpful
7
Replies

snmp server to receive trap

Ibrahim Jamil
Level 6
Level 6

‎04-10-2011 02:05 AM - edited ‎03-11-2019 01:19 PM

Hello folks

How to prepare my network for snmp,currently i don't have SNMP configured with community,so what is the requirement for that?do i n

what server i need to configure in order  to receive SNMP traps

coz last time i had issue ,one of my tunnels (terminated on asa 5510) goes down for 2 hours and i didn't realized that

thanks for ur knowledge

Labels:
0 Helpful
7 Replies 7

Jennifer Halim
Cisco Employee
Cisco Employee

‎04-10-2011 03:49 AM

Here is the configuration guide to configure SNMP on ASA firewall:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/monitor_snmp.html

You would need to have your SNMP server ready to receive all the SNMP traps from the ASA.

Ibrahim Jamil
Level 6
Level 6
In response to Jennifer Halim

‎04-10-2011 04:32 AM

thanks for ur reply,how to configure traps for various events?

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to Ibrahim Jamil

‎04-10-2011 03:46 PM

What you are looking to check is probably more suitable if you use syslog instead of snmp.

There is an exact syslog that will tell you when the VPN tunnel is down. You can even configure just 1 syslog message to be sent to your syslog server.

If you haven't already had a syslog server, there are plenty of free ware available for download.

Here is how to configure syslog for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/monitor_syslog.html

Here is all the list of syslog messages that can be generated from the ASA:

http://www.cisco.com/en/US/docs/security/asa/asa82/system/message/logmsgs.html

You can check which specific syslog message you would like to send to your syslog server, or you can also send those syslog by severity levels.

Hope this helps.

Ibrahim Jamil
Level 6
Level 6
In response to Jennifer Halim

‎04-12-2011 04:46 AM

Hi

how to configure the asa to send syslog if the tunnel goes down for some reason

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to Ibrahim Jamil

‎04-12-2011 10:07 PM

The following syslogs are the ones that might be the closest to what you are after (send syslog messages when tunnel is down):

602304:

http://www.cisco.com/en/US/docs/security/asa/asa82/system/message/logmsgs.html#wp4774236


713050:

http://www.cisco.com/en/US/docs/security/asa/asa82/system/message/logmsgs.html#wp4775418


713194:

http://www.cisco.com/en/US/docs/security/asa/asa82/system/message/logmsgs.html#wp4776100

To send only the above syslog messages, you can create a message list and here is to configure logging to syslog server:

logging host
logging list ipsec-logs message 602304
logging list ipsec-logs message 713050
logging list ipsec-logs message 713194
logging trap ipsec-logs
logging on

Hope that helps.

Ibrahim Jamil
Level 6
Level 6
In response to Jennifer Halim

‎04-12-2011 11:02 PM

thanks Halim

0 Helpful

merabtavart
Level 1
Level 1

‎07-22-2011 02:08 AM

Check

http://www.vpnttg.com/

Advantage   of VPNTTG over other SNMP based monitoring software’s is  following:   Other (commonly used) software’s are working with static OID  numbers,   i.e. whenever tunnel disconnects and reconnects, it gets  assigned a  new  OID number. This means that the historical data, gathered  on the   connection, is lost each time. However, VPNTTG works with VPN  peer’s  IP  address and it stores for each VPN tunnel historical  monitoring  data  into the SQL server and into the RRD (Round Robin  Database) file.

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card