[mrtg] Re: PIX
FabioAlKas at aol.com
FabioAlKas at aol.com
Fri Jun 18 21:35:46 MEST 2004
In a message dated 18/06/2004 15:33:29 E. South America Standard Tim,
JPierini at mmlive.com writes:
With the kindest of regards, I disagree. I have MRTG monitoring all my Cisco
PIX firewalls via the outside interface. Add the following line to your PIX
config:
snmp-server host outside xxx.xxx.xxx.xxx
where xxx.xxx.xxx.xxx is the IP address of your MRTG server. Ensure that
your allow SNMP through the firewall protecting your MRTG server.
Joseph Pierini
Here is the configs for my cisco in a lab enviroment:
INTS:
access-group PERMIT_ICMP in interface outside1
access-group PERMIT_ICMP in interface inside1
ACL:
access-list PERMIT_ICMP line 1 permit icmp any any (hitcnt=777)
access-list PERMIT_ICMP line 16 permit udp any any eq snmp (hitcnt=0)
SNMP:
snmp-server host outside2 10.10.10.10
snmp-server location public
snmp-server contact public
snmp-server community public
snmp-server enable traps
and i´m using this line on mrtg:
/usr/local/mrtg-2/bin/cfgmaker public at 10.10.10.10
The mrtg host is direct connected at the outside interface, and there is no
firewalls between host and pix.
This is only for test, if works i will use the correct MIB for this
equipament.
And the Public comunity and ip was change on the information above.
I still got the error no response received.
Thanks for your help.
Best Regards
================================================
Fabio Al kas
ICNET Network Coordinator
Infrastructure & IT
America OnLine - Brazil
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
More information about the mrtg
mailing list