--- Begin Message ---
Okay I think I solved this one myself.
> I am querying a Cisco ASA with SNMP for IPSEC peers I am using
> 1.3.6.1.4.1.9.9.171.1.2.3.1.7 from CISCO-IPSEC-FLOW-MONITOR-MIB which shows
all peer
> addresses. However, one is missing. And the only difference I find is that
this one is
> using NAT-T. Is anyone aware of a limitation in this MIB and where I could
find that
> peer instead?
>
> ASA is running 9.8(4)32.
The information about an IPSEC/NAT-T peer I was able to find the peer in
CISCO-REMOTE-ACCESS-MONITOR-MIB which a peer ID that is offset +1 from the remaining
information about that peer in CISCO-IPSEC-FLOW-MONITOR-MIB with an RFC1918 IP as Peer IP
that doesn't match anything in the config. However, the corresponding values (e.g. for
authMethod) in CISCO-IPSEC-FLOW-MONITOR-MIB do not really make sense but I can ignore that
for now.
Does what I have found make sense? Anyone care to comment?
Thank you!
Sascha
--- End Message ---
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
