Below is my config for IP SLA. I would like a SNMP trap to be sent when my primary fails over to my secondary and so on.
sla monitor 20
type echo protocol ipIcmpEcho 100.X.X.1 interface INET-FIOS150
num-packets 2
[Code].....
I have a snmp trap sent every 30 seconds from one of my cisco switches (a stack of 3750 to be precise): ccStatusMemberStatusChange. Do you know what it is and why it is sent continuously?
View 1 Replies View Relatedsend me step by step guide of how to configure SNP server for SNMp trap
View 2 Replies View RelatedHow to prepare my network for snmp,currently i don't have SNMP configured with community,so what is the requirement for that?what server i need to configure in order to receive SNMP traps coz last time i had issue ,one of my tunnels (terminated on asa 5510) goes down for 2 hours and i didn't realized that
View 7 Replies View RelatedIs it possible to have the ASA send an SNMP trap when a particular bit-rate over an interface is exceeded?
View 2 Replies View RelatedUpgraded LMS to 4.1. Yep basically reinstalled. However I can't remember how I did a couple of thing on the original system.
I am trying to take the traps from the Cisco equipment to the LMS and generate e-mail. How do I take the incoming traps (Crit and Warning) and send an e-mail alarm. I'll plan to control what to trap on at the Cisco Equipment.
SNMP trap is set from a fan fault, the Cisco send a trap to the LMS. Now I want take that trap and forward via an email.
I have been reading the admin documentation on "Notification and Action Setting". I see how to take the Cisco LMS created trap and email alarm. (In this case I need a specific trap that LMS did not have.) I see how to take Cisco Traps and resend them to other NMS.
We are implementing fault management tool and for that we need information such as what type of traps are being triggered by router on what events..currently we have BGP, interface,reachability,h/w,syslog,authfail,config, trap types configured..All these are hitting in our fm tool but I need to know when these traps are being triggered by router.more importantly authfail, config, syslog, bgp.
View 4 Replies View RelatedI want to make my switch send trap when failed SSH login is detected. I found the "login Enhancement" feature and enabled the trap and logging for the failed attempt.
3750# sh run | in login
aaa authentication login default local
login delay 1
[Code].....
I am in the process of testing VA5(1.2) version of ACE on ACE4710 appliance.I did redundnacy configuration and it is working fine.I have done the snmp configuration and SNMP trap receiver is able to recieve traps like link up/down, so it proves that SNMP configuration is working fine, but i am not able to generate the SNMP trap notification for "clrRedundancyStateChange".I tried two things:
1) Via CLI, ran the command "ft switchover all" and i could see redundancy state changes.
2) Powered down Active 4710 appliance and standby ACE 4710 appliance taking over as Active.
However, none of the above could generate the trap clrRedundancyStateChange. how this trap can be generated? In snmp-server enable traps commands doesn't have any option for enabling FT related traps.
how to enable snmp traps for syslog message in Cisco Nexus platform ?
Mean what would be equivalent CLI for the below
"snmp-server enable traps syslog"
I want to be able to send snmp traps to my NMS alerting our NOC to when we reach our configured max-associations on an ap. We currently use both 1130 AG and 1140-2N in autonomous mode, no controller. I have found a debug command "debug dot11 station connection failure" and the output of a test AP shows us the fact that the maximum number was reached. I need to find if it is possible to trap on such information.
View 1 Replies View RelatedNow I'm trying to write software that get information from Syslog message, but I'm facing with the problem about getting statistic of client de-authenticated in a WLC (Software Version: 7.0.98.0), because I cannot find any log about this information on WLC except only this SNMP trap:
Tue Aug 23 09:52:28 2011Client Deauthenticated: MACAddress:00:xx:77:2c:06:db Base Radio MAC:00:xx:5d:0c:fc:30 Slot: 0 User Name: unknown Ip Address: 10.2xx.47.15 Reason:Unspecified ReasonCode: 1
So, is there any way that I can configure WLC to convert this SNMP trap to send to Syslog server as a normal Syslog message?
I use SNMP and I dont have access to a router to test.Can the SNMP Trap to: Field in the SMNP section be configured for multiple IP addresses.?
View 1 Replies View RelatedI have Cisco 2960's, 3750's and 3750x's all running IOS on the access layer. I have Cisco 6504's running IOS on the Distribution and Core layers. I am looking to monitor redundant links through Spectrum by having specific ports send traps but I have run into trouble finding how to configure it. I would like to have:
1. Logging enabled for all links (Fiber and Copper) so that I see all links up/down messages in the syslog
2. SNMP traps sent for linkup/link down messages only for redundant links (ex. Dual Up links from Access Layer or Redundant Ether channel Links on Dist Layer)
3. SNMP traps should be ignored/not sent for all copper ports.
We have two ACE4710 in a failover configuration with Software version A4(2.0). SNMP is setup and the receiver is able to receive SNMP traps.The issue is we are receiving a linkDown trap notification at least once every other day, followed shortly by a linkUp notification a minute later. We have checked all layer 2 devices connected to the ACE and cannot see any evidence that any link actually disconnected. We experienced no traffic lost, but this could be because a couple of the ACE links are bundled. The trap notification does not actually indicate which interface changed status. All links are Gigabits, and there are no packet drops either on the ACE or the layer 2 switch.
View 3 Replies View Relatedi have a Problem with SNMP on the ASA Outside Interface. I want to monitor the Interface via SNMP (linkup, link down). I have a Active/Passive Cluster running on 8.4.2 and configured SNMP (v1) for Test on the Outside Interface. It's not that hard but when i try to test my Configuration with (peerless) SNMP Tester the Interface doesn't respond. Did i forget to configure something? Searched the forum but didn't find anything useful.
View 4 Replies View RelatedI have a an ASA 5520 connected to a Layer 3 (3750) switch (Inside) and a connection to a 2960 switch (Outside) to get to the internet. . I have created vlan interfaces on the 3750 switch and enabled ip routing on the switch to enable the vlans to communicate with each other.
Vlan Interfaces on the switch:
Vlan 100 172.17.1
Vlan 200 172.18.1
Vlan 300 192.168.3.1
I want the devices connected to the 3 vlans to be able to pass through the firewall and get out to the internet.I have connected the ASA to the 3750 by routed interfaces (10.10.10.1) --------- (10.10.10.2) and they are able to ping each other.I have also put a default route on the 3750 sending all traffic from the switch to the ASA inside interface (10.10.10.1)The issue that i am having is that the ASA also connects to a 2960 which has a connection to the Internet, and they are handing off an ethernet connection from the 2960 that sits in VLAN 55 (Vlan 55 is the Internet accessible vlan).How do I configure my ASA to send all traffic from my (3) vlans to the interfaces that connects to the 2960 switch?
Query is, Can i send my syslog messages to SNMP sever? if so, what command needs to be enabled on nexus 7k?
View 3 Replies View RelatedWe have Cisco ASA 5520 firewall. ASA Version - 8.0(4). ASDM Version - 6.1(3). Firewall Mode - Routed.
We want to configure QoS for some subnets and enable policing such that they cannot use more than 1mb of bandwidth. I think we cannot create more than 1 policy for it. In that case i created a policy with QoS enabled and configured the Input and Output policing with Commited Rate of 1024000 bits/second. But it does not seem to work.
how can i create such policy in the ASA to limit certain subnets to 1mb bandwidth ?
i'm trying to configure an ASA with two ISP to be reached from internet for vpn access, the objective is that the user can use any of the Public address attached to ASA to connect to the company. Is this possible? i'm facing some problems because i can not use two different default routes (same AD) pointing to two different interfaces, this is the message that i receive "ERROR: Cannot add route entry, possible conflict with existing routes" and when i change the AD of one of the default routes i just can reach one ISP.
View 1 Replies View RelatedI have a cisco ASA 5520 that i'm configuring.From the actual Firewall (with is a linux server), we have the outside interface eth0 with has a public IP and other sub-interfaces (eth0.1; eth0.2,...) with others publics IPs.I'd like to know how I can configure it in an ASA
View 7 Replies View Relatedi have an ASA 5520 with ios 8.4 and asdm 6.4.
my configureation is below
my asa interfaces
inside ip
172.16.0.0/22
[Code].....
so now i want to configure my asa to give access to user based. what configurations should i use to do so.
i have attached the Edit Active Directory Server dialuge box so what should i put there in the box's
How to configure ASA 5520 to resolve names in ASA's. We are currently using ASDM to configure network objects with the hostnames in the internet and then specifying the IP address . But this is done manually. Is there a different way of setting it up on ASA. Also when getting reports from ASA, we see the IP's but is there a way that we could add an identity to the IP's (reverse lookup)
View 1 Replies View RelatedI have two ASA 5520 version 8.2 in active Standay Mode. What is a good practice to setup IPS AIM ssm-20 for this setup.
Is IPS should be in Fail-Open or Fail-Close mode ?
Is Mangement ip for both IPS module should be same or diffrent. ?
I am new to cisco ASA. I need to configure ASA 5520 in transparent bridge mode. [code] I need to place the new asa firewall in transparent mode. How to configure the firewall in transparent bridgmode.
View 5 Replies View RelatedWe already have a subnet defined to inside interface and is in produciton. the default gateway is this interface ip. In that setup now I have to add one more subnet and as the first subnet is been defined in ASA indside interface, I have to assign secondary Ip to the inside interface so that new subnet users can easily reach here and go outside.
View 1 Replies View RelatedIs it possible to import the config of a 5510 to a 5520. Trying to replace two 5510's with 5520's and wondering is there a way import the existing config files for the 5510's into the 5520's?
View 3 Replies View Relatedi have cisco ASA5520 and i have a remote access vpn .I want to configure logging for this remote access vpn.
i want the time user connected .how log it is connected .If any error while connecting ?
To show up the ASA as a hop in a traceroute, one can use the 'set connection decrement-ttl' feature in a policy map.During my tests I recognized, that this behaviour only affects IPv4 traffic.
An IPv6 traceroute still does not show the ASA as a hop.How can I configure the ASA to show up as a hop in an IPv6 traceroute?The ASA is a 5520 with v8.4(1) installed.
I have a asa 5520 with an outside and backup interface. I am trying to configure two static nat statements from the inside to the outside and backup interface. Here is what I have configured so far.
object network obj-10.1.1.254
host 10.1.1.254
object network obj-10.1.1.254
nat (inside,outside) static 172.25.10.3
I want to also use nat (inside,backup) static 172.25.10.3
I currently have 90 remote locations that have PIX501's. They are all running 6.3 on them. All of these locations are creating an IPSEC VPN to my ASA 5520 (8.4) at the data center. Web access at the remote locations is currently being handled with ACL thru split tunnels. This is getting increasingly not fun as I have to reach out and touch them one at a time whenever I have to allow more access to the net. Code...
I would like to keep my split tunnel (if possible) for ports 443 and 21. I allow access to "any" on those ports and have no plans to change it.
Can I send port 80 down the VPN tunnel to the Proxy/Web Filter and then return the results to the Remote Client.
Cisco works LMS 4 is very complicated tool for me and it is very hard to configure any cisco device what I need to monitor.Currently I have 3750-X configured, properly discovered and added to DCR. I would like to receive SMTP messages(mail) from LMS if some event occurs. For example when link UPDOWN occurs or when LOGIN_FAILED occurs and so on. I tried to configure it in Monitor > Monitoring Tools > Fault Monito, but without siccess. LMS tell me that there are no devices available.How can I configure some notification so it is able to send me message via smtp?
View 0 Replies View Relatedhow can I configure ACS 5.2 to send syslog messages to CS-MARS?
View 3 Replies View Related