Cisco Systems ASA 5510, ASA 5512-X, ASA 5515-X, ASA 5520, ASA 5525-X, ASA 5540, ASA 5545-X, ASA 5550, ASA 5555-X, ASA 5580, ASA 5585-X, ASA 5505 Configuring SNMP

CHAPT ER

78-1

Cisco ASA 5500 Series Configuration Guide using ASDM

Configuring SNMP

This chapter describes how to configure SNMP to monitor the ASA and includes the following sections:

•Information About SNMP, page78-1

•Licensing Requirements for SNMP, page78-4

•Prerequisites for SNMP, page78-4

•Guidelines and Limitations, page78-4

•Configuring SNMP, page78-5

•Monitoring SNMP, page78-9

•Where to Go Next, page78-10

•Additional References, page78-10

•Feature History for SNMP, page78-13

SNMP is an application-layer protocol that facilitates the exchange of management information between

network devices and is part of the TCP/IP protocol suite. This section describes SNMP and includes the

following topics:

•Information About SNMP Terminology, page78-2

•SNMP Version 3, page78-2

The ASA provides support for network monitoring using SNMP Versions 1, 2c, and 3, and supports the

use of all three versions simultaneously. The SNMP agent running on the ASA interface lets you monitor

the ASA and through network management systems (NMSs), such as HP OpenView. The ASA supports

SNMP read-only access through issuance of a GET request. SNMP write access is not allowed, so you

cannot make changes with SNMP. In addition, the SNMP SET request is not supported.

You can configure the ASA to send traps, which are unsolicited messages from the managed device to

the management station for certain events (event notifications) to an NMS, or you can use the NMS to

browse the MIBs on the ASA. MIBs are a collection of definitions, and the ASA maintains a database

of values for each definition. Browsing a MIB means issuing a series of GET-NEXT or GET-BULK

requests of the MIB tree from the NMS to determine values.

The ASA has an SNMP agent that notifies designated management stations if events occur that are

predefined to require a notification, for example, when a link in the network goes up or down. The

notification it sends includes an SNMP OID, which identifies itself to the management stations. The

ASASNMP agent also replies when a management station asks for information.

Cisco Systems Configuring SNMP