79-18
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter79 Configuring SNMP
Configuring SNMP
Does not support SNMP Version 3 for the AIP SSM or AIP SSC.
Does not support SNMP debugging.
Does not support retireval of ARP information.
Does not support SNMP SET commands.
When using NET-SNMP Version 5.4.2.1, only supports the encryption algorithm version of
AES128. Does not support the encryption algorithm versions of AES256 or AES192.
Changes to the existing configuration are rejected if the result places the SNMP feature in an
inconsistent state.
For SNMP Version 3, configuration must occur in the following order: group, user, host.
Before a group is deleted, you must ensure that all users associated with that group are deleted.
Before a user is deleted, you must ensure that no hosts are configured that are associated with that
username.
If users have been configured to belong to a particular group with a certain security model, and if
the security level of that group is changed, you must do the following in this sequence:
Remove the users from that group.
Change the group security level.
Add users that belong to the new group.
The creation of custom views to restrict user access to a subset of MIB objects is not supported.
All requests and traps are available in the default Read/Notify View only.
The connection-limit-reached trap is generated in the admin context. To generate this trap. you must
have at least one snmp-server host configured in the user context in which the connection limit has
been reached.
The value returned for ifNumber will be larger than the number of interfaces that you can query
through SNMP, because ifNumber includes hidden internal interfaces that are not viewable.
You cannot query for the chassis temperature for the ASA 5585 SSP-40 (NPE).
Configuring SNMP
This section describes how to configure SNMP and includes the following topics:
Enabling SNMP, page79-18
Configuring SNMP Traps, page79-20
Configuring a CPU Usage Threshold, page79-21
Configuring a Physical Interface Threshold, page79-21
Using SNMP Version 1 or 2c, page79-22
Using SNMP Version 3, page79-23

Enabling SNMP

The SNMP agent that runs on the ASA performs two functions:
Replies to SNMP requests from NMSs.