I´m trying to set snmp trap when cisco asa 5510 is changed.
I´m using this line:
snmp-server host DMZ ZZ.YY.XX.5 community *****
snmp-server enable traps entity config-change fru-insert fru-remove
But it doesn´t send any trap when I modify or save my config.
Is it the right way?
In the cisco doc is not very clear what config-change means.
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/monitor_snmp.html
The snmp-server enable traps entity config-change fru-insert fru-remove command is used to enable this notification.
What type of config-change refers ? hardware o system config file?
Best Answer
For mine I use:
snmp-server enable traps entity config-change
This captures any running or startup config changes. The
fru-insert
andfru-remove
should capture hardware changes (not problems with existing but actual inserts or removals of modules).I know you specified the community in the
snmp-server host
line but do you also have a line forsnmp-server community *****
?I use snmp v3 so mine will look different than yours, but still, you should be right.
Are you sure it isn't sending traps though?
You can troubleshoot with various commands (or even using an snmpwalk tool like the one from Paessler):