I am trying to do snmpwalk from 10.60.1.1 towards one of the ASA firewall interface ip 10.1.1.1 but getting timeout.
I can ping and traceroute this ip from the source.
Below is the simple snmp v3 configuration i am using.
snmp-server group <SNMP_GROUP> v3 priv
snmp-server user <SNMP_USER> <SNMP_GROUP> v3 auth sha <SNMP_PASS> priv aes 128 <ENC_PASS>
snmp-server host ABC 10.60.1.1 poll version 3 <SNMP_USER>
Already this interface is working fine for snmpv2 and on top of it we want to monitor snmpv3 for another department.
Because none of the other interfaces are reachable apart from 10.1.1.1
pls assist, attached the diagram.
is your source ip address is 10.60.1.1 and you are able to ping 10.1.1.1 using ip address 10.60.1.1?
This is not going to work if you use source ip 10.60.1.1 and destin ip 10.1.1.1. you collector has to be in the same subnet in order to work. or you can use dynamic nat to get this work.
Thanks for your reply.
We have many other device in 10.2.0.0 segments and those are all reachable via snmp.
only one firewall interface which is in 10.1.1.1 is not reachable via snmp.
ping is working to this ip 10.1.1.1 form 10.60.x.x, traceroute is also working fine, only snmpwalk is getting timeout.
what is the security level configured on these interfaces. can you share your firewall config and also show us diagram. you said 10.20.0.0 I cant see this network in your earlier diagram.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: