[c-nsp] IP SLA source pings on PIX/ASA ?
Rama Darbha
rdarbha at gmail.com
Tue Apr 19 19:41:52 EDT 2011
Eshan,
Do you have the bugID?
Regards,
Rama
On Tue, Apr 19, 2011 at 2:43 AM, Eshan Bhide <eshanbhide at gmail.com> wrote:
> To anybody reading this, this is an open bug/feature request with Cisco TAC.
>
> On Thu, Apr 14, 2011 at 7:24 AM, Rama Darbha <rdarbha at gmail.com> wrote:
>
>> Eshan,
>>
>> This is a tricky design, as you know we can't ping to or from the "far
>> side" interface of the PIX/ASA.
>>
>> Here is a guide that talks about how to use Smart Call Home as a
>> workaround that issue:
>> https://supportforums.cisco.com/docs/DOC-15571
>>
>> Does this offer the solution you want?
>>
>> Regard,
>> Rama
>
>
> On Wed, Apr 13, 2011 at 10:25 PM, Eshan <eshanvb at gmail.com> wrote:
>
>> I tried asking this question elsewhere but wasn't able to get a
>> satisfactory
>> response, thought I should try here!
>>
>> We have site to site mesh ipsec tunnels that terminate on different PIXes.
>> A
>> requirement for clients using these tunnels is to monitor the downtime on a
>> particular tunnel - using a trap sent to a remote syslog server, I am able
>> to filter the SNMP trap, and send an email alert.
>> However, is there any way to go one step further and keep a record (track)
>> of when the tunnel goes down and keep this data? On routers we usually use
>> IP SLA's with source IP specified and this seems to work very well.
>>
>> On PIX/ASA however when I do a 'source' internal ipIcmpEcho (as the tunnel
>> far end is only accessible through a route within itself) - the track
>> feature fails. Can there be no IP SLA by specifying a source to ping from
>> on
>> PIX/ASA's as is the case with routers?
>>
>> Thank you muchly:)
>>
>> Eshan.
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list