[mrtg] Re: CISCO PIX firewall
Congdon, Christopher
CCongdon at WorkNET.net
Wed Apr 5 23:07:03 MEST 2000
Remember the first rule of good firewalls... What is not explicity allowed
is DENIED. Which means:
snmp-server host inside 172.31.13.254
snmp-server host inside 172.31.13.113
You need to tell the PIX *exactly* which IP's are allowed to pull SNMP
info... in ADDITION to needing to know the community. It's not the Cisco
SECURE PIX firewall for nothing! =-)
Chris
-----Original Message-----
From: Lars Hecking [mailto:lhecking at nmrc.ucc.ie]
Sent: Wednesday, April 05, 2000 3:43 PM
To: mrtg at list.ee.ethz.ch
Subject: [mrtg] Re: CISCO PIX firewall
Joe Tang writes:
> Is there a reason why I am not able to generate a config file with
cfgmaker.
> Within the router I have "SNMP-SERVER community public" but yet when I run
> cfgmaker I get, snmp error: no response received...
> SNMPGET problem for sysDescr sys Contact sysName...
I have the very same problem. I'm pretty sure that I have set up the
PIX correctly, according the manual.
snmpwalk gives me "End of MIB" as only output.
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
More information about the mrtg
mailing list