79-15
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter79 Configuring SNMP
Information About SNMP
SNMP Version 3
This section describes SNMP Version 3 and includes the following topics:
SNMP Version 3 Overview, page 79-15
Security Models, page 79-16
SNMP Groups, page 79-16
SNMP Users, page 79-16
SNMP Hosts, page 79-16
Implementation Differences Between the ASA, ASA Services Module, and the Cisco IOS Software,
page 79-16

SNMP Version 3 Overview

SNMP Version 3 provides security enhancements that are not available in SNMP Version 1 or SNMP
Version 2c. SNMP Versions 1 and 2c transmit data between the SNMP server and SNMP agent in clear
text. SNMP Version 3 adds authentication and privacy options to secure protocol operations. In addition,
this version controls access to the SNMP agent and MIB objects through the User-based Security Model
mteTriggerFired
(DISMAN-EVENT-MIB)
mteHotTrigger, mteHotTargetName,
mteHotContextName, mteHotOID,
mteHotValue, cempMemPoolName,
cempMemPoolHCUsed
The snmp-server enable traps
memory-threshold command is used to
enable the memory threshold notification.
The mteHotOID is set to
cempMemPoolHCUsed. The
cempMemPoolName and
cempMemPoolHCUsed objects are sent
with the other objects.
mteTriggerFired
(DISMAN-EVENT-MIB)
Note Not supported on the
ASA Services Module.
mteHotTrigger, mteHotTargetName,
mteHotContextName, mteHotOID,
mteHotValue, ifHCInOctets,
ifHCOutOctets, ifHighSpeed,
entPhysicalName
The snmp-server enable traps
interface-threshold command is used to
enable the interface threshold
notification. The entPhysicalName
objects are sent with the other objects.
natPacketDiscard
(NAT-MIB)
ifIndex The snmp-server enable traps nat
packet-discard command is used to
enable the NAT packet discard
notification. This notification is rate
limited for 5 minutes and is generated
when IP packets are discarded by NAT
because mapping space is not available.
The ifIndex gives the ID of the mapped
interface.
warmStart
(SNMPv2-MIB)
—The snmp-server enable traps snmp
warmstart command is used to enable
and disable transmission of these traps.
Table79-5 Supported Traps (Notifications) (continued)