Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
478
Views
0
Helpful
3
Replies

monitor ASA5505 over site 2 site VPN tunnel

jeroenhermans
Level 5
Level 5

‎03-16-2010 10:11 AM

Hi,

We have a site to site VPN between a checkpoint and a asa5505. Everything is working fine. We would now like to monitor the asa5505 from our monitoring server which is behind the checkpoint.

I have configured the snmp community. When I check the log on the asa, I can see the request coming in from the monitoring machine and it is not being blocked. However, it is not working.

How can I fix/troubleshoot this issue?

Thanks in advance,

Jeroen

Labels:
0 Helpful
3 Replies 3

Brandon Buffin
VIP Alumni
VIP Alumni

‎03-16-2010 01:16 PM

Could be a routing issue. Can you ping the monitoring server from the ASA?

Brandon

0 Helpful

jeroenhermans
Level 5
Level 5
In response to Brandon Buffin

‎03-16-2010 02:31 PM

Hi,

Thanks for your reply. I cannot ping the monitoring server from the ASA. But I don't think it is related as I cannot ping anythng from the ASA, or anything that is behnd the asa cannot ping anything that is on the internet.I beleive this to be a seperate issue as the asa by default does not allow ping.

I can also not telnet or ssh to the asa via the vpn tunnel, this is probably the same issue as the snmp one.

Rgds,

Jeroen

0 Helpful

Brandon Buffin
VIP Alumni
VIP Alumni
In response to jeroenhermans

‎03-17-2010 06:14 AM

Is the monitoring server on a subnet that the ASA has a route to? Can you allow pings temporarily to test connectivity?

Brandon

0 Helpful
Customers Also Viewed These Support Documents