The concept of snmpwalk is very simple. All you are doing is asking a remote device that has an snmp string configured about a particular MIB. In the case of this example I am asking an IPS about it's operational status and it's interfaces. As long as you are allowed access to request the information (in the case of the IPS I specifically allowed the workstation I am requesting the information from) you should have no problem.
• From a unix box you would issue the following:
snmpwalk [the version of snmp it's running]
-c [the snmp sting you configured for read only access]
[the ip address of the remote device]
[the information being requested] You can get a listing of supported MIB's here
• It ends up looking something like this:
host$ snmpwalk -v2c -c public x.x.x.x ifOperStatus
- This is the output that you get for the operational status request:
IF-MIB::ifOperStatus.1 = INTEGER: up(1)
IF-MIB::ifOperStatus.2 = INTEGER: up(1)
IF-MIB::ifOperStatus.3 = INTEGER: up(1)
IF-MIB::ifOperStatus.4 = INTEGER: up(1)
IF-MIB::ifOperStatus.5 = INTEGER: down(2)
• Same thing for an interface description request:
host$ snmpwalk -v2c -c public x.x.x.x ifDescr
IF-MIB::ifDescr.1 = STRING: lo
IF-MIB::ifDescr.2 = STRING: eth0
IF-MIB::ifDescr.3 = STRING: sy0_0
IF-MIB::ifDescr.4 = STRING: ma0_0
IF-MIB::ifDescr.5 = STRING: ge0_0
• And another output from the interface admin status
host$ snmpwalk -v2c -c public x.x.x.x ifAdminStatus
IF-MIB::ifAdminStatus.1 = INTEGER: up(1)
IF-MIB::ifAdminStatus.2 = INTEGER: up(1)
IF-MIB::ifAdminStatus.3 = INTEGER: up(1)
IF-MIB::ifAdminStatus.4 = INTEGER: up(1)
IF-MIB::ifAdminStatus.5 = INTEGER: down(2)
Happy querying!
Thursday, November 25, 2010
Wednesday, November 24, 2010
Upgrading ASA 5505 Memory and Flash
This post is focusing on the upgrade process for the ASA 5505 from version 8.2 to 8.3. The new code requires more memory and so you will need to crack the box open and pull out the existing memory module and if you want, the compact flash module as well.
The process is very easy, just flip it over and pop the tree screws loose (pull the sides apart and lift up and the cover should come right off). The next step is to pull the memory module out and replace it - super easy and you can watch someone do it on youtube here.
Now comes the hard part - upgrading the compact flash. You would think you could pull the existing flash card out of the slot (the one that the cover was obscuring) and place the new one in the slot, power it up and dump into RMON and erase it - like this:.
rommon #1> erase ?
Erase storage media, valid for this platform:
disk0: - erase this device
all - erase all devices listed above
!
rommon #1> erase disk0:
About to erase the selected device, this will erase
all files including configuration, and images.
Continue with erase? y/n [n]: y
Erasing Disk0:
.................................................
Then all you would need to do is connect the old compact flash card to a USB reader and pull the files off the old one (remember to get the hidden directories) and then copy those onto the new card....
• Nope. The card once formatted by the ASA is unreadable in a PC. The format that is required is Microsoft FAT 16.
Going back to the PC and the unreadable flash card - format the card to the correct type and then copy over the files and clean things up a bit. It should look something like this when you list all the files from a PC:
drwxrwxrwx 816 Nov 24 22:56 .
drwxr-xr-x 136 Nov 24 22:56 ..
!
<---- .private is where all the magic files are stored
drwxrwxrwx 408 May 6 2008 .private
!
-rwxrwxrwx 15962112 Nov 20 2010 asa832-k8.bin
-rwxrwxrwx 16275456 May 11 2009 asa821-k8.bin
!
-rwxrwxrwx 14503836 Nov 20 2010 asdm-634.bin
-rwxrwxrwx 11348300 May 11 2009 asdm-621.bin
!
drwxrwxrwx 102 May 11 2009 coredumpinfo
drwxrwxrwx 68 May 6 2008 crypto_archive
• Now take that freshly loaded new flash card and place it into the ASA and boot it up.
Good luck!
The process is very easy, just flip it over and pop the tree screws loose (pull the sides apart and lift up and the cover should come right off). The next step is to pull the memory module out and replace it - super easy and you can watch someone do it on youtube here.
Now comes the hard part - upgrading the compact flash. You would think you could pull the existing flash card out of the slot (the one that the cover was obscuring) and place the new one in the slot, power it up and dump into RMON and erase it - like this:.
rommon #1> erase ?
Erase storage media, valid
disk0: - erase this device
all - erase all devices listed above
!
rommon #1> erase disk0:
About to erase the selected device, this will erase
all files including configuration, and images.
Continue with erase? y/n [n]: y
Erasing Disk0:
.................................................
Then all you would need to do is connect the old compact flash card to a USB reader and pull the files off the old one (remember to get the hidden directories) and then copy those onto the new card....
• Nope. The card once formatted by the ASA is unreadable in a PC. The format that is required is Microsoft FAT 16.
Going back to the PC and the unreadable flash card - format the card to the correct type and then copy over the files and clean things up a bit. It should look something like this when you list all the files from a PC:
drwxrwxrwx 816 Nov 24 22:56 .
drwxr-xr-x 136 Nov 24 22:56 ..
!
<---- .private is where all the magic files are stored
drwxrwxrwx 408 May 6 2008 .private
!
-rwxrwxrwx 15962112 Nov 20 2010 asa832-k8.bin
-rwxrwxrwx 16275456 May 11 2009 asa821-k8.bin
!
-rwxrwxrwx 14503836 Nov 20 2010 asdm-634.bin
-rwxrwxrwx 11348300 May 11 2009 asdm-621.bin
!
drwxrwxrwx 102 May 11 2009 coredumpinfo
drwxrwxrwx 68 May 6 2008 crypto_archive
• Now take that freshly loaded new flash card and place it into the ASA and boot it up.
Good luck!
Subscribe to:
Posts (Atom)
