HP iMC setting up NTA with Cisco ASA, help please? (469 Views)
Reply
Occasional Visitor
o0JeZ0o
Posts: 2
Registered: ‎12-03-2013
Message 1 of 4 (469 Views)

HP iMC setting up NTA with Cisco ASA, help please?

Hi all,

 

I'm trying to evaluate HP iMC and am having trouble getting Netflow traffic analysis to work with with our Cisco ASA.

 

When I discover the device in iMC it registers it as a Cisco AS5510 (correct) but categories it as a Voice device when it is a Security device.  Further inspection using the MIB browser shows me that the OID being reported for the device is 1.3.6.1.2.1.1.3.0 when it actually should be 1.3.6.1.4.1.9.1.669

 

The Cisco MIB support list for this device is here:  ftp://ftp.cisco.com/pub/mibs/supportlists/asa/asa-supportlist.html

 

Is someone able to help me with what I need to do to get this corrected in iMC?  I've followed all the guides and videos to get NTA setup and I have tested it working fine with another Cisco router, however iMC will just not receive data from the ASA no matter what I do and I think it is because the device is not being registered correctly as shown above.

 

I assume I need to import the MIB or Traps for the Cisco ASA into iMC, but I can't seem to work it out.

 

I'm new to both iMC and Cisco ASA's so detailed help would be greatly appreciated.  This is the last thing I need to get working correctly before I can recommend we purchase the product.

 

cheers

 

 

Please use plain text.
Honored Contributor
LindsayHill
Posts: 687
Registered: ‎11-16-2011
Message 2 of 4 (419 Views)

Re: HP iMC setting up NTA with Cisco ASA, help please?

ASAs do some non-standard things with NetFlow, and I haven't been able to get IMC to process that format.

 

1.3.6.1.2.1.1.3.0 is the sysUpTime OID. That will not be used to detect the device type. IMC will be polling 1.3.6.1.2.1.1.2 (sysObjectID), which should return  1.3.6.1.4.1.9.1.669

 

On the Device Details page for the ASA, it should report the sysOID. What does it say on that page? Can you post a screenshot of that?

 

You are unlikely to need to import any MIBs or Trap Definitions.

CCIE 36708 | @northlandboy | lkhill.com
Please use plain text.
Occasional Visitor
o0JeZ0o
Posts: 2
Registered: ‎12-03-2013
Message 3 of 4 (413 Views)

Re: HP iMC setting up NTA with Cisco ASA, help please?

[ Edited ]

Hi Lindsay, thanks for the reply. Please see attached a grab of the ASA device details in iMC.

 

I can get our ASA to send Netflow data just fine to PRTG Network Monitor as well as Whatsup Gold. I really like the features I can get out of HP iMC but it's making it hard for me to justify the purchase if I can't get the same functionality to work with our devices.

 

Hopefully you or someone might be able to give me some more info to get it working.... cheers

Please use plain text.
Honored Contributor
LindsayHill
Posts: 687
Registered: ‎11-16-2011
Message 4 of 4 (400 Views)

Re: HP iMC setting up NTA with Cisco ASA, help please?

Looking at IMC's Device Model DB, it seems to have classified the 5510 as a Voice system. That's no big deal though, it's really just a display thing. You can change it for that device to Security, or you can change the default for that Device Model (System -> Resource Management -> Device Model).

That will make no difference to NetFlow though. I wasn't able to get it working last time I tried with IMC 5.1 SP1, and I haven't seen anything in the more recent release notes to indicate that has changed.

See here for some more on this: http://www.netopscommunity.net/forums/-/message_boards/message/46586
CCIE 36708 | @northlandboy | lkhill.com
Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation