About Michael McGrath

Michael McGrath · 05-15-2019

Hello, I have configured remote access vpn on asa with ldap authentication. But I can't limit vpn access with specific ldap group.Here is my config: ldap attribute-map VPN_GP_MAPmap-name memberOf Group-Policymap-value memberOf "CN=Alternate VPN HR Us...

Michael McGrath · 03-15-2019

I am working on SNMP monitoring using OIDs for disk/flash usage and haven't found the OIDs that I need. Has anyone else found out how to monitor ASA disk usage using OIDs?

Michael McGrath · 03-15-2019

Hey Fellow Cisco Professionals, I am working on enabling FIPS mode on my ASAs(5516x and 5512x) but my site to site and remote access VPNs break after enabling FIPS. I'm having trouble finding good documentation for any prerequisites or caveats for...

Michael McGrath · 11-30-2018

I have a stack of 2960x switches are I am monitoring them using OID values. However, I am having trouble finding the OIDs for the individual switches in the stack. For example, when I use the OID 1.3.6.1.4.1.9.9.109.1.1.1.1.5 (object pmCPUTotal5min) ...

Michael McGrath · 06-13-2018

kind of a 2 parter but might be resolved with the same config. I am trying to configure the IT VPN to be able to ssh into the inside interface of ASA1(site1) and then the second part would be to all this same IT VPN through ASA1 to the 2 site-to-s...

Michael McGrath · 05-16-2019

You are absolutely right it was inheriting the 0 logins from the default policy. Can't believe I was missing that, but I'm glad it's now working Thank you, sir

Michael McGrath · 03-18-2019

Thanks Balaji for responding. I've come across that link before, but it doesn't have disk usage. Does that mean the ASA 5500 series doesn't support SNMP disk usage monitoring?

Michael McGrath · 12-03-2018

Thanks for your response, Marce1000. I have 6 2960x in a stack and when I run snmpwalk with the OID in that link (.1.3.6.1.4.1.9.9.109.1.1.1.1.5) it only shows one CPU instead of the 6 I would expect. snmpwalk -v2c -c public 10.X.X.X .1.3.6.1.4...

Michael McGrath · 06-14-2018

Excellent response. I wasn't thinking about this because I was already able to ssh the inside interface of the ASA from the internal network. I am now able to ssh into ASA1 inside interface from the ITVPN subnet.

Michael McGrath · 06-14-2018

Thank you for your response. Yes, IT VPN meaning a specific pool of addresses that IT users get assigned when connecting to the VPN. I have allowed this subnet ssh access from the outside and inside interfacessh (ITVPN-subnet) 255.255.255.0 INSIDEs...

Member Since	‎08-06-2013 02:00 PM
Date Last Visited	‎05-22-2019 12:07 AM
Posts	23
Total Helpful Votes Received	6

User Statistics

User Activity

Remote Access VPN on ASA - Authentication using LDAP Server

ASA OID for Disk usage

Problems Enabling FIPS Mode on ASA

Trouble finding OIDs for 2960x switch

How can I allow vpn to inside interface of ASA

Re: Remote Access VPN on ASA - Authentication using LDAP Server

Re: ASA OID for Disk usage

Re: Trouble finding OIDs for 2960x switch

Re: How can I allow vpn to inside interface of ASA

Re: How can I allow vpn to inside interface of ASA