1. Home
  2. Cisco Systems
  3. tunnel snmp through vpn concentrator

tunnel snmp through vpn concentrator

I can't seem to find any documentation on how to monitor a pix through the pix to vpn concentrator tunnel. I want to send the snmp traffic from the remote pix through the tunnel through the concentrator to a local syslog server. I found a document that tells how to send snmp through a pix to pix tunnel and on the local pix you create an access list in your access list you use with the vpn that allows the ip of host syslog to host outside interface of remote pix. I am just not sure how to do this on a vpn concetrator 3000 series. I have all the correct routes and devices behind the remote pix can ping the local syslog servers ip. Thanks

Reply to
jspr
Loading thread data ...

Hi,

This might be a wild stab in the dark and/or a long shot but what if you configure logging with a source interface ie: "logging source-interface [internal_int]" and "snmp-server trap-source [internal_int]"

Do you actually receive any syslog messages at all?

Rob

Reply to
RobO

I tried logging like this syslog =192.168.200.50 remote pix: I tried both logging host inside 192.168.200.50 and logging host outside 192.168.200.50 I also tried adding the access-list part of the tunnel access-list in the remote pix like it says to do in the pix-to-pix snmp tunnel doc access-list vpn permit ip host 192.168.200.50 host outside interface None of this worked I even tried pointing the logging host to the inside interface of the concentrator to see if the concentrator would pass the syslog msgs with its own and got nothing thanks

Reply to
jspr

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.