[c-nsp] FW: SNMP from OUTSIDE to DMZ over VPN (PIX 7.2(2))

Fred Reimer freimer at ctiusa.com
Tue Nov 27 13:34:05 EST 2007 

group-policy attributes
  vpn-filter

and/or

management-access

Look them up.

Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS
Senior Network Engineer
Coleman Technologies, Inc.
954-298-1697




> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Bagosi Rómeó
> Sent: Tuesday, November 27, 2007 10:38 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] FW: SNMP from OUTSIDE to DMZ over VPN (PIX
> 7.2(2))
> 
> 
> 
> 
> 
> ________________________________
> 
> From: Bagosi Rómeó
> Sent: Tuesday, November 27, 2007 4:37 PM
> To: 'gagandeep singh'
> Subject: RE: [c-nsp] SNMP from OUTSIDE to DMZ over VPN (PIX
> 7.2(2))
> 
> 
> 
> Thank you, i've found this link, but the problem is that we
> don't want to snmp query the outside interface (it's not
> permitted to communicate through VPN).
> 
> 
> 
> ________________________________
> 
> From: gagandeep singh [mailto:gpanjeta2003 at yahoo.co.in]
> Sent: Tuesday, November 27, 2007 8:53 AM
> To: Bagosi Rómeó
> Subject: Re: [c-nsp] SNMP from OUTSIDE to DMZ over VPN (PIX
> 7.2(2))
> 
> 
> 
> Try this link.
> 
> 
> 
> http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/produ
> cts_configuration_example09186a0080094497.shtml
> 
> Bagosi Rómeó <Romeo.Bagosi at integris.hu> wrote:
> 
> 	Hello Experts!
> 
> 	I have the following problem.
> 	I want to monitor my PIX with SNMP over VPN.
> 
> 	The network look like this:
> 	inside --- ASA ---------- PIX --- dmz
> 
> 	I have a monitoring server on the ASA inside interface
> (ex. 10.200.0.205). The PIX dmz interface: 10.250.130.1
> 	The traffic from ASA inside network to PIX dmz network
> travels through VPN.
> 
> 	I want to query PIX's dmz interface with SNMP from the
> monitoring server, I can't.
> 	I've configured the snmp things (snmp-server host
> outside 10.200.0.205 poll community ****** version 2c) and
> the "management-access dmz" command, but still doesn't
> works, and I found nothing with G**gle, about this.
> 
> 	Anybody has alredy the same scenario?
> 
> 	Thank you,
> 	RB
> 	_______________________________________________
> 	cisco-nsp mailing list cisco-nsp at puck.nether.net
> 	https://puck.nether.net/mailman/listinfo/cisco-nsp
> 	archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> 
> 
> 
> 
> ________________________________
> 
> size=1 width="100%" align=center>
> 
> Now you can chat without downloading messenger. Click here
> <http://in.rd.yahoo.com/tagline_webmessenger_5/*http:/in.mes
> senger.yahoo.com/webmessengerpromo.php>  to know how.
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3080 bytes
Desc: not available
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20071127/22652394/attachment.bin

More information about the cisco-nsp mailing list