[c-nsp] FW: SNMP from OUTSIDE to DMZ over VPN (PIX 7.2(2))
Bagosi Rómeó
Romeo.Bagosi at integris.hu
Wed Nov 28 03:20:54 EST 2007
The management-access is alredy configured (I can use the syslog for example)
But this vpn-filter thing is not clear for me. I've searched about it, but didn't found anything to allow snmp traffic (I can "filter" it, with this command).
-----Original Message-----
From: Fred Reimer [mailto:freimer at ctiusa.com]
Sent: Tuesday, November 27, 2007 7:34 PM
To: Bagosi Rómeó; cisco-nsp at puck.nether.net
Subject: RE: [c-nsp] FW: SNMP from OUTSIDE to DMZ over VPN (PIX 7.2(2))
group-policy attributes
vpn-filter
and/or
management-access
Look them up.
Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS
Senior Network Engineer
Coleman Technologies, Inc.
954-298-1697
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Bagosi Rómeó
> Sent: Tuesday, November 27, 2007 10:38 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] FW: SNMP from OUTSIDE to DMZ over VPN (PIX
> 7.2(2))
>
>
>
>
>
> ________________________________
>
> From: Bagosi Rómeó
> Sent: Tuesday, November 27, 2007 4:37 PM
> To: 'gagandeep singh'
> Subject: RE: [c-nsp] SNMP from OUTSIDE to DMZ over VPN (PIX
> 7.2(2))
>
>
>
> Thank you, i've found this link, but the problem is that we
> don't want to snmp query the outside interface (it's not
> permitted to communicate through VPN).
>
>
>
> ________________________________
>
> From: gagandeep singh [mailto:gpanjeta2003 at yahoo.co.in]
> Sent: Tuesday, November 27, 2007 8:53 AM
> To: Bagosi Rómeó
> Subject: Re: [c-nsp] SNMP from OUTSIDE to DMZ over VPN (PIX
> 7.2(2))
>
>
>
> Try this link.
>
>
>
> http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/produ
> cts_configuration_example09186a0080094497.shtml
>
> Bagosi Rómeó <Romeo.Bagosi at integris.hu> wrote:
>
> Hello Experts!
>
> I have the following problem.
> I want to monitor my PIX with SNMP over VPN.
>
> The network look like this:
> inside --- ASA ---------- PIX --- dmz
>
> I have a monitoring server on the ASA inside interface
> (ex. 10.200.0.205). The PIX dmz interface: 10.250.130.1
> The traffic from ASA inside network to PIX dmz network
> travels through VPN.
>
> I want to query PIX's dmz interface with SNMP from the
> monitoring server, I can't.
> I've configured the snmp things (snmp-server host
> outside 10.200.0.205 poll community ****** version 2c) and
> the "management-access dmz" command, but still doesn't
> works, and I found nothing with G**gle, about this.
>
> Anybody has alredy the same scenario?
>
> Thank you,
> RB
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>
>
>
> ________________________________
>
> size=1 width="100%" align=center>
>
> Now you can chat without downloading messenger. Click here
> <http://in.rd.yahoo.com/tagline_webmessenger_5/*http:/in.mes
> senger.yahoo.com/webmessengerpromo.php> to know how.
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list