Search 97,742 posts and 786 resources contributed by 57,092 members or post a topic.

Already Joined? Sign in
Can't identify Cisco Pix or ASA with ipMonitor

Page 1 of 1 (4 items) | RSS

rated by 0 users
Answered (Verified) This post has 1 verified answer | 3 Replies | 3 Followers | 462 Views


1 Posts
Points 5
rgcarroll replied on Thu, Feb 11 2010 3:49 PM
rated by 0 users

I installed ipMonitor and ran the discovery. I have (1) Cisco 2811 router, (1) Cisco 3560 Switch, (1) Cisco Pix firewall, and (1) Cisco ASA firewall.

The discovery process was able to identify the 2811 router and 3560 switch precisely, and with all of the available monitors that come with those specific Cisco devices.

It was unable to identify the Pix or ASA firewalls as such, and simply added an ip address and ping monitor. How do I enable ipMonitor to identify the Cisco firewalls in detail like it did for the switch and router?

  • | Post Points: 5

Answered (Verified) Verified Answer


68 Posts
Points 196
Answered (Verified) chaldz replied on Tue, Feb 16 2010 8:01 AM
rated by 0 users
Verified by MarieB

Normally on a Cisco PIX and ASA SNMP queries are locked down based on IP address.  So within the ASA and PIX config, you need to add your IP address of your ipMonitor server.  Something like: snmp-server host inside xxx.xxx.xxx.xxx community public (or whatever your readonly string is).

  • | Post Points: 21

All Replies


51 Posts
Points 339
SolarWinds Employee
mdiotte replied on Fri, Feb 12 2010 11:34 AM
rated by 0 users

Hi rgcarroll,

ipMonitor likely did not get a response via SNMP when you were performing a scan of those devices.  Are you certain that SNMP connections work from the ipMonitor host to the firewall devices?

I would try by adding a SNMP monitor manually in ipMonitor to the device and seeing if that works.  If it does not it may be that the devices do not have SNMP enabled, are using incorrect community or are not responding to the ipMonitor server do to some configuration reason.

You can also use the SNMP Monitor wizard under the configuration tab of ipMonitor to try and walk the firewall devices. Try a OID such as 1.3.6.1 so that it will walk all the OID's available.

Hope this helps!

Matt Diotte, Software Developer
ipMonitor
SolarWinds
Austin, TX

  • | Post Points: 3

68 Posts
Points 196
Answered (Verified) chaldz replied on Tue, Feb 16 2010 8:01 AM
rated by 0 users
Verified by MarieB

Normally on a Cisco PIX and ASA SNMP queries are locked down based on IP address.  So within the ASA and PIX config, you need to add your IP address of your ipMonitor server.  Something like: snmp-server host inside xxx.xxx.xxx.xxx community public (or whatever your readonly string is).

  • | Post Points: 21

4 Posts
Points 10
donfrank replied on Mon, Mar 1 2010 9:46 AM
rated by 0 users

We have a CISCO-AS5520 Firewall. I have a SNMP Version 2 monitor build with the "number of active connections" as follows:

UDP Port = 161

OID = 1.3.6.1.4.1.9.9.491.1.1.1.6.0

Analyze the Result as: Numeric data < 3000

The monitor is down when we have more then 3000 firewall connections from the intranet nic.

 

  • | Post Points: 1
Page 1 of 1 (4 items) | RSS

© 2003 - 2010 SolarWinds, Inc. All Rights Reserved.

Who is SolarWinds?

SolarWinds is rewriting the rules for how companies manage their networks. Guided by a global community of network engineers, SolarWinds develops simple and powerful network management software and network monitoring software for networks of all sizes. SolarWinds also offers a network certification program to become a SolarWinds Certified Professional (SCP).

What is thwack?

thwack, SolarWinds online community site, was designed by network engineers, for network engineers. thwack is a vibrant, growing community of more than 30,000 IT pros who share a passion for technology.

Explore Resources, Answers, Templates, and Advice

Download Free Networking Tools

Learn More About SolarWinds Products