Support User Manuals

Cisco Systems ASA 5525-X Network Router User Manual

Open as PDF

of 2086

78-5

Cisco ASA 5500 Series Configuration Guide using ASDM

Chapter 78 Configuring SNMP

Configuring SNMP

• Does not support SNMP Version 3 for the AIP SSM or AIP SSC.

• Does not support SNMP debugging.

• Does not support retireval of ARP information.

• Does not support SNMP SET commands.

• When using NET-SNMP Version 5.4.2.1, only supports the encryption algorithm version of

AES128. Does not support the encryption algorithm versions of AES256 or AES192.

• Changes to the existing configuration are rejected if the result places the SNMP feature in an

inconsistent state.

• For SNMP Version 3, configuration must occur in the following order: group, user, host.

• Before a group is deleted, you must ensure that all users associated with that group are deleted.

• Before a user is deleted, you must ensure that no hosts are configured that are associated with that

username.

• If users have been configured to belong to a particular group with a certain security model, and if

the security level of that group is changed, you must do the following in this sequence:

–

Remove the users from that group.

–

Change the group security level.

–

Add users that belong to the new group.

• The creation of custom views to restrict user access to a subset of MIB objects is not supported.

• All requests and traps are available in the default Read/Notify View only.

• The connection-limit-reached trap is generated in the admin context. To generate this trap. you must

have at least one snmp-server host configured in the user context in which the connection limit has

been reached.

• The value returned for ifNumber will be larger than the number of interfaces that you can query

through SNMP, because ifNumber includes hidden internal interfaces that are not viewable.

• You cannot query for the chassis temperature for the ASA 5585 SSP-40 (NPE).

• If the NMS cannot successfully request objects or is not correctly handling incoming traps from the

ASA, performing a packet capture is the most useful method for determining the problem. Choose

Wizards > Packet Capture Wizard, and follow the on-screen instructions.

Configuring SNMP

This section describes how to configure SNMP and includes the following topics:

• Enabling SNMP, page 78-6

• Configuring an SNMP Management Station, page 78-6

• Configuring SNMP Traps, page 78-7

• Using SNMP Version 1 or 2c, page 78-7

• Using SNMP Version 3, page 78-8

previous next