73-5
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 73 Configuring SNMP
Prerequisites for SNMP
Prerequisites for SNMP
SNMP has the following prerequisite:
You must have Cisco Works for Windows or another SNMP MIB-II compliant browser to receive SNMP
traps or browse a MIB.
Guidelines and Limitations
Context Mode Guidelines
Supported in single and multiple context modes.
Firewall Mode Guidelines
Supported in routed and transparent firewall modes.
Failover Guidelines
• Supported in SNMP Version 3.
• The SNMP client in each adaptive security appliance shares engine data with its peer. Engine data
includes the engineID, engineBoots, and engineTime objects of the SNMP-FRAMEWORK-MIB.
IPv6 Guidelines
Does not support IPv6.
Additional Guidelines
• Does not support view-based access control, but the VACM MIB is available for browsing to
determine default view settings.
• Does not support SNMP Version 3 for the AIP SSM or AIP SSC.
• Does not support SNMP debugging.
• When using NET-SNMP Version 5.4.2.1, only supports the encryption algorithm version of
AES128. Does not support the encryption algorithm versions of AES246 or AES192.
• For SNMP Version 3, configuration must occur in the following order: group, user, host.
• Before a group is deleted, you must ensure that all users associated with that group are deleted.
• Before a user is deleted, you must ensure that no hosts are configured that are associated with that
username.
• If users have been configured to belong to a particular group with a certain security model, and if
the security level of that group is changed, you must do the following in this sequence:
–
Remove the users from that group.
–
Change the group security level.
–
Add users that belong to the new group.
• The creation of custom views to restrict user access to a subset of MIB objects is not supported.
• All requests and traps are available in the default Read/Notify View only.
To Next Page
Loading...
Need help?
General
