RO SNMP string from PIX

Hi Everyone
I need to have a Read Only SNMP string to the PIX for one of my client managers the PIX inside interface is 172.21.100.x the manager computer is 172.21.104.x how to cconfigure that on PIX, is it required a reboot?
Also I think he needs SNMP agent? what is that agent and where to find?

Thanks guys

LVL 5
modathirAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JFrederick29Commented:
This should do it:

conf t
snmp-server host inside 172.21.104.x community <community string>
0
JFrederick29Commented:
Oh and it does not require a reboot.
0
modathirAuthor Commented:
What about the snmp agent ? how is he going to read the log?
 
Thanks
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

JFrederick29Commented:
He just needs an application that can SNMP poll.  There is no agent per se that needs to be installed on the computer.  What SNMP software is on the management computer?
0
modathirAuthor Commented:
He doesn't have any! I am asking is there a free one we can use or we need to buy one
Is there a recommended one user freindly?
0
JFrederick29Commented:
There are plenty of "pay for" applications (Ciscoworks, SiteScope, Solarwinds, etc...) but I'm not sure about free ones.  I have to believe there are some free linux based applications that can be used to SNMP poll.  What are you looking to collect from the Firewall?
0
JFrederick29Commented:
Oh, I forgot about a couple free ones.

Cacti - linux based (http://www.cacti.net/)

MRTG is another one for bandwidth utilization, etc..
0
modathirAuthor Commented:
Just need to collect the Syslog Traps
0
JFrederick29Commented:
If you are just looking to collect syslog messages and SNMP traps, you can use Kiwi which is a Windows based syslog/SNMP trap collector.  It is free for the non-enterprise version and simple to setup.

http://www.kiwisyslog.com/

You also need to setup logging on the PIX as well as enable SNMP traps:

logging enable
logging timestamp
logging buffered informational
logging trap informational
logging device-id hostname
logging host inside 172.21.104.x
snmp-server enable traps snmp authentication linkup linkdown coldstart
snmp-server enable traps syslog
snmp-server host inside 172.21.104.x community <community string>
0
modathirAuthor Commented:
I just learned that they have Solarwinds. I sthe same config will do the job?
 
Thanks
0
JFrederick29Commented:
Yes.
0
modathirAuthor Commented:
can the streng name be anything else other than community string because they have anther one for servers?
0
JFrederick29Commented:
<community string> was just an example.  I really meant for you to substitute that with a password.
0
modathirAuthor Commented:
snmp-server host inside 172.21.104.x community <secure>
this is not accepted by the pix only this command give me an error
0
JFrederick29Commented:
Okay, try this on the PIX (you must be running older code that doesn't support it):

snmp-server host inside 172.21.104.x
snmp-server community <secure>
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
modathirAuthor Commented:
I did that I am not getting any error but I don't see it on my config when I do show run config:
pager lines 24
logging enable
logging timestamp
logging buffered informational
logging trap informational
logging asdm warnings
logging from-address pix@nacg.ca
logging device-id hostname
logging host inside 172.21.104.60
I don't see the streng name here+ it is failed test from Solarwinds with name that I entered!!
 
Thanks
0
JFrederick29Commented:
Can you post a "show run | i snmp" and a "show version".
0
modathirAuthor Commented:
Sorry man it is working!
 
Thank you so much,
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.