03-15-2016 04:38 PM - edited 03-12-2019 12:29 AM
Hi All,
I have an IP SLA and track configured in ASA. I want to get an SNMP trap or a syslog alert when these go down.
FW# sh sla monitor operational-state
Entry number: 1
Modification time: 22:07:31.216 CEST Tue Mar 15 2016
Number of Octets Used by this Entry: 2056
Number of operations attempted: 5406
Number of operations skipped: 0
Current seconds left in Life: Forever
Operational state of entry: Active
Last time this entry was reset: Never
Connection loss occurred: FALSE
Timeout occurred: TRUE
Over thresholds occurred: FALSE
Latest RTT (milliseconds): NoConnection/Busy/Timeout
Latest operation start time: 01:07:39.217 CEST Wed Mar 16 2016
Latest operation return code: Timeout
RTT Values:
RTTAvg: 0 RTTMin: 0 RTTMax: 0
NumOfRTT: 0 RTTSum: 0 RTTSum2: 0
FW# sh track 1
Track 1
Response Time Reporter 1 reachability
Reachability is Down
1 change, last change 00:03:53
Latest operation return code: Timeout
FW#
I couldn't find any configuration to enable SNMP trap/syslog. Can you please help?
CF
03-15-2016 05:32 PM
Hi Cisco Freak,
This is the Syslog that triggers when there is a change in routing as configured by the tracking and SLA:
622001
Error Message %PIX|ASA-6-622001: string tracked route network mask address, distance number, table string, on interface interface-name
e.g. Sep 05 2013 17:18:10: ASA-6-622001 Removing tracked route 1.2.3.3 255.255.255.255 72.163.4.1, distance 100, table Default-IP-Routing-Table, on interface outside
Explanation
A tracked route has been added to or removed from a routing table, which means that the state of the tracked object has changed from up or down.
string: "Adding" or "Removing."
network: The network address.
mask: The network mask.
address: The gateway address.
number: The route administrative distance.
string: The routing table name.
interface-name: The interface name as specified by the
Recommended Action None.
This is an informational message that indicates a change in routing and a likely change in forwarding paths, as configured by the tracking and SLA commands.
Here is the configuration in order to send an alert via e-mail directly to your account:
logging list test message 622001
logging mail test
logging from-address ciscosecurityappliance@example.com
logging recipient-address admin@example.com level errors
logging message 622001 level alerts
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
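An added example, not part of the original posts and not Cisco code: a small Python parser for the 622001 message format quoted above that reports the current state and the number of removals for each tracked route on a syslog collector. The function names are hypothetical, and the sample lines are constructed apart from the first, which is the example from the post.

```python
import re
from collections import defaultdict

# Field layout follows the 622001 format quoted in the post above.
PATTERN = re.compile(
    r"ASA-6-622001:?\s+(?P<action>Adding|Removing) tracked route "
    r"(?P<network>\S+) (?P<mask>\S+) (?P<gateway>\S+), "
    r"distance (?P<distance>\d+), table (?P<table>\S+), "
    r"on interface (?P<interface>\S+)"
)

def parse_622001(line):
    """Return the fields of a 622001 message as a dict, or None for other lines."""
    m = PATTERN.search(line)
    if not m:
        return None
    event = m.groupdict()
    event["distance"] = int(event["distance"])
    event["timestamp"] = line[:m.start()].rstrip(" :%")
    return event

def summarize(lines):
    """Per tracked route: (current state, number of removals seen)."""
    state = {}
    removals = defaultdict(int)
    for line in lines:
        ev = parse_622001(line)
        if ev is None:
            continue
        key = (ev["network"], ev["mask"], ev["gateway"], ev["interface"])
        state[key] = "down" if ev["action"] == "Removing" else "up"
        if ev["action"] == "Removing":
            removals[key] += 1
    return {k: (state[k], removals[k]) for k in state}

# Constructed sample: the first line is the example from the post, the rest are made up.
SAMPLE = [
    "Sep 05 2013 17:18:10: ASA-6-622001 Removing tracked route 1.2.3.3 255.255.255.255 72.163.4.1, distance 100, table Default-IP-Routing-Table, on interface outside",
    "Sep 05 2013 17:18:40: %ASA-6-622001: Adding tracked route 1.2.3.3 255.255.255.255 72.163.4.1, distance 100, table Default-IP-Routing-Table, on interface outside",
    "Sep 05 2013 17:19:02: %ASA-6-302013: Built outbound TCP connection (constructed, unrelated)",
    "Sep 05 2013 17:21:15: %ASA-6-622001: Removing tracked route 1.2.3.3 255.255.255.255 72.163.4.1, distance 100, table Default-IP-Routing-Table, on interface outside",
]

if __name__ == "__main__":
    for route, (st, n) in summarize(SAMPLE).items():
        print(route, st, "removals:", n)
```

This only sees events when the tracked object is attached to a route, since 622001 is logged on a route being added or removed.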
03-15-2016 05:42 PM
Hi Dinesh,
There is no routing change happening when the track/IP SLA goes down.
CF
03-15-2016 05:45 PM
Can you help me explain how are you using SLA monitor in the
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
03-15-2016 06:13 PM
We have an intermittent IPSEC vpn flap issue. I want to confirm if the reachability to remote site public IP is the root cause for VPN flap.
So I have configured an IP SLA to ping other end public IP every 2 seconds. Whenever there is a loss of connectivity, I want to get a syslog/SNMP trap.
CF
03-16-2016 10:59 AM
Any help would be appreciated.
03-16-2016 11:10 AM
You might want to run the following debugs and check the specific ID for the logging message to be sent to the
debug
debug
Please check the following thread as well:-
https://supportforums.cisco.com/discussion/10905056/configure-ip-sla-generate-syslog-messages
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.