How can we help?

How to enable SNMP on a Cisco ASA with Firepower Threat Defense

Follow

If you have a Cisco ASA with Firepower Threat Defense, you’ll need to enable SNMP using the Firepower device manager web interface. If you’re managing the Cisco device through the Managed Threat Defense web interface, the steps will vary.

The steps below use SNMP version 2c.

  1. From the top navigation, click Device.
  2. Scroll down to locate Advanced Configuration.
  3. Click View Configuration.
  4. From the side navigation, click FlexConfig Objects.
  5. Click the add icon (ZendeskKB_196.png) to add an object.
  6. Enter the name of SNMP-Server.
  7. Enter the following detail in the Template field. Replace Collector-IP with the IP address of the collector, replace Sample with the contact name, and replace HQ with the firewall’s location. For the community, enter the string you’d like. The example below shows private.
snmp-server enable
  snmp-server host inside1_8 Collector-IP poll community private version 2c
  snmp-server community private
  snmp-server contact Sample
  snmp-server location HQ
  1. Enter the following detail in the Negate Template field. Note that this text is a copy of the detail from the Template field, but with “no” added at the beginning of each line. Replace Collector-IP with the IP address of the collector, replace Sample with the contact name, and replace HQ with the firewall’s location. For the community, enter the string you’d like. The example below shows private.
no snmp-server enable
  no snmp-server host inside1_8 Collector-IP poll community private version 2c
  no snmp-server community private
  no snmp-server contact Sample
  no snmp-server location HQ
  1. Click OK.
  2. From the side navigation, click FlexConfig Policy.
  3. Click the add icon (ZendeskKB_196.png) to add a new policy.
  4. Select the SNMP-Server object just created.
  5. Click OK.
  6. From the top navigation, click the Deployment Summary icon (ZendeskKB_198.png).
  7. Click Deploy Now. The deployment can take several minutes to complete.
  8. If you used a community string other than public or private, add it to Auvik by following these steps.

All done! Your Cisco ASA with Firepower Threat Defense can now be monitored using Auvik.

Was this article helpful?
5 out of 12 found this helpful
Have more questions? Submit a request