Cisco Firewall :: ASA 5510 - Enable SNMP For Bandwidth Monitoring Using PRTG?
May 1, 2012
I am using an ASA 5510 firewall and I have established VPN tunnels too. Now I want to monitor the bandwidth utilization. I have installed the PRTG Monitor application and want to add the firewall. How do I enable SNMP on the ASA?
I'm currently implementing Microsoft System Center 2012 Operations Manager. The current stage of the project is to add the network devices to SCOM via SNMP in order to monitor them. I am able to add them all and monitor them; however, with my ASA 5510, although SCOM discovers the ASA via SNMP and adds it to the network monitoring list, it loses SNMP connectivity every 30 minutes, and 15 minutes later it reconnects with SCOM, then after another 15 minutes it loses the connection again, and so on and so forth.
I matched the traffic statistics on one of my Cisco ASA site-to-site tunnels with the OID 1.3.6.1.4.1.9.9.171.1.4.3.1.1.25.4142 (cipSecTunHistInOctets). I was real proud of myself for a few days until I checked the history and found the OID wasn't working. After some troubleshooting I found that the last four digits (4142 in this case) change whenever the tunnel drops and re-establishes itself. Any way to collect tunnel utilization history on an ASA with SNMP? Is there a different OID I can use that's based on the endpoint IP?
I am trying to monitor my ASA 5505. This ASA is connected via an IPsec tunnel to our network. I have no problems with SNMP monitoring of devices behind the ASA, but when trying to monitor the ASA itself I do not get an SNMP response.
What are considered the best practices for monitoring ASAs, specifically the 5510 with Sec+ License?
My current monitoring application keeps reporting issues with outbound interface buffers being too high, but there are not any performance issues and I believe the thresholds are just set absurdly low.
I have a couple of ASA 5510s in Active/Failover configuration. The failover LAN is configured on management0/0 and the ASAs are connected with a back-to-back direct cable.
The ASA has an interface in access mode, inside, with a standby IP address, and show failover is compliant with the expected result (Normal).
ASA-PRIMARY# sh failover
Failover On
Failover unit Primary
Failover LAN Interface: LANfailover Management0/0 (up)
Unit Poll frequency 1 seconds, holdtime 15 seconds
Interface Poll frequency 5 seconds, holdtime 25 seconds
Interface Policy
How do I prepare my network for SNMP? Currently I don't have SNMP configured with a community, so what is the requirement for that? What server do I need to configure in order to receive SNMP traps? Last time I had an issue: one of my tunnels (terminated on an ASA 5510) went down for 2 hours and I didn't realize it.
I am trying to get SNMP info from the router to H2 but snmpwalk errors with no response from the router. I can get info from H1 and neither interface on the router is preventing SNMP traffic from coming or going. Is there something that needs to be configured to allow SNMP traffic (originating from INSIDE) to reply? (Also note that there is no Inspect Maps blocking and SNMP versions).
We currently have a few 5505s installed at client sites which are connected via s2s ipsec VPN to our datacenter's 5510. We are using Nagios to monitor the local data center and remote client infrastructure (over the VPNs) which has been working well.
We would like to also monitor the remote 5505s using SNMP over the s2s tunnels but it doesn't seem to be working, the connection is timing out. We've configured the remote 5505s with the same snmp statement we used on the 5510 (snmp-server host inside <remote datacenter IP> poll community ***** version 2c) yet the Nagios SNMP check cannot connect to the remote 5505s. We've also tried the command using 'outside' without any luck, not sure how to get SNMP to route over the VPN.
I am trying to poll the 5 minute average CPU utilization of my Cisco Aironet 1252 (IOS version 12.4(25d)JA) using SNMP OID .1.3.6.1.4.1.9.2.1.58.0. However, for some reason I am not getting any response back from the Aironet. Note I am able to retrieve the memory utilization without a problem.
How does SNMP monitoring work when we have a WLC in the network? Before the WLC 5508 installation, we had Nagios monitoring each Access Point in the network. Today, Nagios is still monitoring the network, but Nagios cannot get the same information from the APs (CPU, interface status, memory, etc). Now the WLC controls each AP; the IP address, netmask and community (of all APs) are the same as before the WLC installation. I have tried to configure the SNMP information in Management>>SNMP>>Communities, but this configuration is for the WLC and not for each AP.
How can I configure the SNMP setting in my AP to still use Nagios to monitor the network?
I have 5 installations of ACS appliances (ACS 1121 running ACS 5.3). Is there a way to monitor them via SNMP? The AD client keeps dying on one of them, and even with the newest patch it's not up. Also, I want to monitor them up/down, CPU, memory... basic network monitoring to make sure my devices are healthy.
Anyone know if that can be configured? I figured I'd ask here before opening a TAC.
I am building a few 3750 stacks. I want to be able to poll/monitor each individual switch in the stack, but as it only has 1 IP associated with the stack, how can I do this? I am polling the uplink interfaces but as I only have uplinks on the top and bottom switch I am blind to a switch going down in the middle of the stack.
I'm a C# programmer and as part of my software I need to monitor some Cisco Catalyst 3560V2 24 switches using SNMP (by reading MIB/S data). Apparently this switch supports more than 50 different MIBs. My question is which MIB/MIBS contains general health data (parameters) that may determine if the switch is OK, Degraded or Malfunctioned.
I was positively surprised to find the optical transmit/receive values using the show fiber-ports optical-transceiver detailed command on a SG300-10.
Now I'm wondering if there is also an SNMP-MIB to query these values? I've already tried the CISCO-ENTITY-SENSOR-MIB used by the larger devices running Cisco IOS, but this didn't work.
I'm running 12.2(33)SXJ1 on a 6500 with several IPv6 BGP peers. Is there any way to monitor the BGP status of IPv6 peers? I've been through the BGP4 MIB and can't seem to find a way to check the status of IPv6 peers.
We would like to enable our HelpDesk and Network team the ability to connect to Laptops using our ASA 5510 VPN device using Secure VNC application. Not sure if this is possible or how to enable this option.
I have a Cisco ASA 5510 firewall. I have just configured the 1st port as nameif outside with a public IP, the 2nd port as nameif inside with a local IP, and done the NATing, DHCP and DNS. Now I am able to get internet from the inside port, which is getting DHCP. Up to that point it is OK.
And I want to restrict bandwidth to 1Mbps for the local port (2nd port). How do I configure a 1Mbps bandwidth allocation for port no. 2? I mean nameif inside should have a 1Mbps limit.
We have a C7206VXR NPE-G2 platform with a transceiver which supports DOM. Could we monitor DOM tx/rx level statistics through SNMP for the 7206 platform? In the CLI, the result of the command "sh interf GigabitEthernet0/1 transceiver" gives some information. We tried searching for a MIB in "MIB locator" on cisco.com.
How do I enable port forwarding on the CLI for an ASA 5510? The outside subnet is 192.168.1.0/27. When I try to ping another IP within that range I can't access it.
I have a 20/20 MB circuit and an ASA 5510 and I am able to set up policing where the interface gets 512k down and 128k up, so when I conduct a speed test with one user I get 512k and 128k and when I conduct a speed test with two users each gets 256k and 64k. [code] What I want to happen is that each user gets 512k and 128k until a saturation point is hit and then I want the ASA to slow all users down equally.
I'm working in my lab trying to do a proof of concept for traffic policing on the ASA 5510 running 8.0(4). I have two laptops running Ubuntu, one on the outside and one on the inside. Both laptops have 100Mbps interfaces. My tests consist of downloading a file from one laptop using HTTP. Without any QoS I can see speeds close to 100Mbps, which I would expect. On a side note, try using XP and you won't come close to those speeds. Anyhow, I implement policing using the config below and expect to see the max rate on the laptops during the transfer max out close to the CIR. However, I see speeds much higher on the laptops.
When I set the CIR to 10000 bps with bc at 1500 bytes I get speeds that range from 300Kbps to 700Kbps. I would expect to see speeds max out at the CIR, which would be 10Kbps. I'm having a hard time understanding why my numbers don't match.
I've one ASA 5510 appliance, v8.X and ASDM 6X. Here is my configuration:
interface Ethernet0/0
 description Link To WAN
 nameif outside
 security-level 0
 ip address 212.96.23.186 255.255.255.252
!
interface Ethernet0/1
 description Link to LAN(forefront)
 nameif inside
 security-level 100
 ip address 10.20.80.1 255.255.255.252
!
interface Ethernet0/2
 description Link to CoreSW (DMZ)
 nameif DMZ
 security-level 50
 ip address 10.70.70.254 255.255.255.0
I have one SSH server (10.70.70.10) on my DMZ.
I want to enable my external users, I mean outside users, to be able to access this server, which is in my DMZ, on this port (SSH).
I have some clarifications regarding the ASA firewall. Can it support bandwidth management and content security at the same time? We are looking for the below features in the ASA5510.
IP/Policy based bandwidth management. Control the bandwidth and allocate the bandwidth to specified users or servers. Content Security. If not, which device do I need to set up for Internet Bandwidth Management and content security?
I was wondering if there is a way to monitor the total bandwidth available at any given time? My ISP claims and is charging me for a certain amount of bandwidth but I suspect that during the day I am getting much less.
I would like to track available bandwidth continuously (or every 5, 10, 15 minutes) and log that data so I can show them the results. I'm on a Mac 10.7 but can use Windows XP also.