1 Reply Latest reply on Apr 23, 2013 3:28 PM by apscherz

    Monitoring through the WAN

    paq7512

      Hi!

      I will start out by saying that our company purchased NPM and the Netflow engine. I would like to know what is the best way to setup through the WAN and how do you do so? We have an Amazon cloud server, and currently would like to monitor two devices, a Cisco 1921 and a Cisco ASA 5505. Would someone please help me know the settings and configurations for the two? The ports numbers, the Cisco IOS and ASA configs? Both the ASA and ISR are internet facing with nothing but the demarcation in front of the devices at both sites. Thanks for your time.

        • Re: Monitoring through the WAN
          apscherz

          In my experience, you'll need to monitor via the inside network. Cisco doesn't like sending SNMP traffic out of the outside interface, so you should have a VPN tunnel or something like that set up with that site so if you point the SNMP through the inside network you should be ok. Here's what we did:

           

          same-security-traffic permit inter-interface

          same-security-traffic permit intra-interface

          flow-export destination Inside <solarwinds server address> 2055                    2055 is default port for netflow

          flow-export template timeout-rate 1

          flow-export delay flow-create 15

          snmp-server host Inside <solarwinds server address> community ***** version 2c udp-port 161

          snmp-server enable traps snmp authentication linkup linkdown coldstart

           

           

          but we are also only doing snmpv2, the v3 config is different.

          1 of 1 people found this helpful