Snmp version 3, Snmp version 3 overview – Cisco ASA 5505 User Manual

Page 1795

Advertising
background image

79-15

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 79 Configuring SNMP

Information About SNMP

SNMP Version 3

This section describes SNMP Version 3 and includes the following topics:

SNMP Version 3 Overview, page 79-15

Security Models, page 79-16

SNMP Groups, page 79-16

SNMP Users, page 79-16

SNMP Hosts, page 79-16

Implementation Differences Between the ASA, ASA Services Module, and the Cisco IOS Software,
page 79-16

SNMP Version 3 Overview

SNMP Version 3 provides security enhancements that are not available in SNMP Version 1 or SNMP
Version 2c. SNMP Versions 1 and 2c transmit data between the SNMP server and SNMP agent in clear
text. SNMP Version 3 adds authentication and privacy options to secure protocol operations. In addition,
this version controls access to the SNMP agent and MIB objects through the User-based Security Model

mteTriggerFired

(DISMAN-EVENT-MIB)

mteHotTrigger, mteHotTargetName,
mteHotContextName, mteHotOID,
mteHotValue, cempMemPoolName,
cempMemPoolHCUsed

The snmp-server enable traps
memory-threshold
command is used to
enable the memory threshold notification.
The mteHotOID is set to
cempMemPoolHCUsed. The
cempMemPoolName and
cempMemPoolHCUsed objects are sent
with the other objects.

mteTriggerFired

(DISMAN-EVENT-MIB)

Note

Not supported on the
ASA Services Module.

mteHotTrigger, mteHotTargetName,
mteHotContextName, mteHotOID,
mteHotValue, ifHCInOctets,
ifHCOutOctets, ifHighSpeed,
entPhysicalName

The snmp-server enable traps
interface-threshold
command is used to
enable the interface threshold
notification. The entPhysicalName
objects are sent with the other objects.

natPacketDiscard

(NAT-MIB)

ifIndex

The snmp-server enable traps nat
packet-discard
command is used to
enable the NAT packet discard
notification. This notification is rate
limited for 5 minutes and is generated
when IP packets are discarded by NAT
because mapping space is not available.
The ifIndex gives the ID of the mapped
interface.

warmStart

(SNMPv2-MIB)

The snmp-server enable traps snmp
warmstart
command is used to enable
and disable transmission of these traps.

Table 79-5

Supported Traps (Notifications) (continued)

Advertising