cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
303
Views
0
Helpful
3
Replies
Highlighted
Beginner

SNMP Poll PIX Through VPN Tunnel

I have a pix in the UK that connects via the internet to a VPN concentraiter in Aus.

I have a network monitoring box in AUS that I want to poll the PIX in the UK.

The problem is that I want to monitor the internal interface of the pix, and have the traffic go via the ipsec tunnel.

So it looks like:

NMBox --FW--VPN CON--Internet--PIX-Inside

I can see the udp connection hit the pix in the logs, but it does not appear to return the traffic. The SNMP config off the pix is:

snmp-server host inside 1.1.1.1 poll

!

snmp-server community someDodgeySNMPstring

snmp-server enable traps

Any ideas would be most appreciated :)

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Rising star

Re: SNMP Poll PIX Through VPN Tunnel

Daniel,

What you need to do is enable on your UK PIX management access (presuming your PIX code is 6.3+), for the inside interface i.e.

(in config mode)

management-access inside

Now if you ping the inside interface IP from Aus you'll get a reply from the PIX. BTW, you can also run PDM now too.

Hope this helps and pls rate posts! :)

Jay

View solution in original post

3 REPLIES 3
Highlighted
Beginner

Re: SNMP Poll PIX Through VPN Tunnel

Highlighted
Enthusiast

Re: SNMP Poll PIX Through VPN Tunnel

I don't know about polling the inside interface over a VPN to the outside, but you can defintely monitor the outside interface. We NAT on the local (to the NMS) pix to make the addresses more convenient.

Highlighted
Rising star

Re: SNMP Poll PIX Through VPN Tunnel

Daniel,

What you need to do is enable on your UK PIX management access (presuming your PIX code is 6.3+), for the inside interface i.e.

(in config mode)

management-access inside

Now if you ping the inside interface IP from Aus you'll get a reply from the PIX. BTW, you can also run PDM now too.

Hope this helps and pls rate posts! :)

Jay

View solution in original post