Hello Pawel,

I actually I followed the first document you send me and I am still not recieving any SNMP traps from the ASA to my NMS server. Can you please send me the exact commands to verfiy it on my end.

Regards,

Hesham

Hi Hesham,

The way I provided to you is using Syslog messages rather than SNMP traps. Most of NMS has built in syslog server. Configuration sample below:

logging enable

logging buffered informational     ! in fact this one was only used to what exactly is being logged - you can omit it

logging trap informational

logging host inside 1.1.1.100

Sample of logs while configuration change is done:

ciscoasa# show logging

(...)

%ASA-5-111008: User 'enable_15' executed the 'configure terminal' command.

%ASA-5-111008: User 'enable_15' executed the 'interface Ethernet 0/1' command.

%ASA-5-111008: User 'enable_15' executed the 'description DDD' command.

%ASA-5-111005: console end configuration: OK

%ASA-6-302015: Built outbound UDP connection 0 for inside:1.1.1.100/514 (1.1.1.100/514) to NP Identity Ifc:1.1.1.1/514 (1.1.1.1/514)

(...)

captures proving syslog has been sent out to syslog server:

ciscoasa# show capture CAPIN

(...)

  19: 00:08:34.199345 1.1.1.1.514 > 1.1.1.100.514:  udp 71

  20: 00:08:34.199345 1.1.1.1.514 > 1.1.1.100.514:  udp 80

   21: 00:08:34.679316 1.1.1.1.514 > 1.1.1.100.514:  udp 50

I hope that helps. If not, just let me know.

regards,

Pawel

Thank you Pawel,

Is it possible to use SNMP traps instead since logs are already sent to a syslog server?

I am also not able to receive the syslog message that defines a change has occured!

Regards,

Hesham