ASA snmp enable

i want enable snmp on the ASA firewall.. So which command for enable snmp ? Please send solution ...
nisartlaaAsked:
Who is Participating?
 
ShareefHuddleConnect With a Mentor Commented:
Enabling SNMP
The SNMP agent that runs on the security appliance performs two functions:

•Replies to SNMP requests from NMSs.

•Sends traps (event notifications) to NMSs.

To enable the SNMP agent and identify an NMS that can connect to the security appliance, perform the following steps:


--------------------------------------------------------------------------------

Step 1 Ensure that the SNMP server on the security appliance is enabled by entering the following command:

hostname(config)# snmp-server enable
The SNMP server is enabled by default.

Step 2 To identify the IP address of the NMS that can connect to the security appliance, enter the following command:

hostname(config)# snmp-server host interface_name ip_address [trap | poll] [community
text] [version 1 | 2c] [udp-port port]
Where interface_name is the name of the NMS and ip_address is the IP address of the NMS.

Specify trap or poll if you want to limit the NMS to receiving traps only or browsing (polling) only. By default, the NMS can use both functions.

SNMP traps are sent on UDP port 162 by default. You can change the port number using the udp-port keyword.

Step 3 To specify the community string, enter the following command:

hostname(config)# snmp-server community key
The SNMP community string is a shared secret between the security appliance and the NMS. The key is a case-sensitive value up to 32 characters in length. Spaces are not permitted.

Step 4 (Optional) To set the SNMP server location or contact information, enter the following command:

hostname(config)# snmp-server {contact | location} text
Where text defines the SNMP server location or lists contact information.

Step 5 To enable the security appliance to send traps to the NMS, enter the following command:

hostname(config)# snmp-server enable traps [all | syslog | snmp [trap] [...] |
entity [trap] [...] | ipsec [trap] [...] | remote-access [trap]]
Enter this command for each feature type to enable individual traps or sets of traps, or enter the all keyword to enable all traps.

The default configuration has all SNMP traps enabled (snmp-server enable traps snmp authentication linkup linkdown coldstart). You can disable these traps using the no form of this command with the snmp keyword. However, use the clear configure snmp-server command to restore the default enabling of SNMP traps.

If you enter this command and do not specify a trap type, then the default is the syslog trap. (The default SNMP traps continue to be enabled along with the syslog trap.)

SNMP traps include:

•authentication

•linkup

•linkdown

•coldstart

Entity traps include:

•config-change—The trigger for an SNMP configuration change trap is the creation or the deletion of a context.

•fru-insert

•fru-remove

IPSec traps include:

•start

•stop

Remote-access traps include:

•session-threshold-exceeded

Step 6 To enable system log messages to be sent as traps to the NMS, enter the following command:

hostname(config)# logging history level
Where level defines the logging severity level.

You must also enable syslog traps using the snmp-server enable traps command.

Step 7 To enable logging, so that system messages are generated and can then be sent to an NMS, enter the following command:

hostname(config)# logging enable


--------------------------------------------------------------------------------

Note If SNMP traffic is not being allowed through the security appliance interfaces, you might also need to permit ICMP traffic from the remote SNMP server using the icmp permit command.


--------------------------------------------------------------------------------

--------------------------------------------------------------------------------

The following example sets the security appliance to receive requests from host 192.168.3.2 on the inside interface:

hostname(config)# snmp-server host 192.168.3.2
hostname(config)# snmp-server location building 42
hostname(config)# snmp-server contact Pat lee
hostname(config)# snmp-server community ohwhatakeyisthee
0
All Courses

From novice to tech pro — start learning today.