nv-l
[Top] [All Lists]

RE: [nv-l] Cisco PIX Monitoring

To: <nv-l@lists.us.ibm.com>
Subject: RE: [nv-l] Cisco PIX Monitoring
From: "Catalina Martinez" <Catalina.Martinez@tlc.state.tx.us>
Date: Wed, 6 Apr 2005 15:37:23 -0500
Delivery-date: Wed, 06 Apr 2005 21:37:50 +0100
Envelope-to: nv-l-archive@lists.skills-1st.co.uk
Reply-to: nv-l@lists.us.ibm.com
Sender: owner-nv-l@lists.us.ibm.com
Thread-index: AcU6GEgvN7f+6J2iRhaGxFFfIe242gAzpZdQAABdxRA=
Thread-topic: [nv-l] Cisco PIX Monitoring
One more question? Which trap (trap number) does it generate. I want to
set up a rule to generate an email when the failover occurs.

-----Original Message-----
From: owner-nv-l@lists.us.ibm.com [mailto:owner-nv-l@lists.us.ibm.com]
On Behalf Of Catalina Martinez
Sent: Wednesday, April 06, 2005 3:32 PM
To: nv-l@lists.us.ibm.com
Subject: RE: [nv-l] Cisco PIX Monitoring

Where do I find the /usr/OV/doc/PixFailoverReadme.pdf file? The
production Netview is running AIX 5.2 ML 04 Netview 7.1.4 FP02. I did
not find the file. 

ON the backup Netview, running the same OS level and Netview 7.1.4. Just
today, I've installed FP02 and FP03 and I still don't find the
PixFailoverReadme.pdf file.?

Just from the release notes for the Pix failover, it states to enter on
the seedfile:
> ipaddress 

Do we enter ip address for the primary and secondary(failover) pix? or
just the primary? 

At this point to we do netmon -y to recycle the seed file. Is there
anything else that we need to do to the node itself? demandpoll ?
rediscover?

Catalina


-----Original Message-----
From: owner-nv-l@lists.us.ibm.com [mailto:owner-nv-l@lists.us.ibm.com]
On Behalf Of James Shanks
Sent: Tuesday, April 05, 2005 2:47 PM
To: nv-l@lists.us.ibm.com
Subject: RE: [nv-l] Cisco PIX Monitoring





>From the 7.1.4 FP02 Release Notes:

PIX Firewall Failover support


IBM Tivoli NetView provides support for monitoring the Cisco PIX
Firewall
Failover conditions. NetView can monitor the failover state of the PIX
devices during normal status polling. When a failover occurs, a new
event
is generated announcing whether the active addresses are on the primary
or
secondary device. In addition, the operator can see on the map when the
active addresses are on the secondary device, which indicates that a
failover has occurred and action should be taken to prevent a further
failure that disables the firewalls. The management interface shows
USER2
status, which is usually purple (by default). This propagates to change
the
PIX device symbol to marginal. When the active addresses are returned to
the primary device, an event announces this fact and the status on the
map
returns to Normal.


Use the netmon.seed file to configure both the PIX Firewall Failover
machines and to set and lock the SNMP address.


For more information on the PIX Firewall Failover support see the
/usr/OV/doc/PixFailoverReadme.pdf file.


Set and lock SNMP address


A NetView administrator can now set and lock the SNMP address for any
device.


For more information, see the A modified netmon.seed file section.



James Shanks
Level 3 Support  for Tivoli NetView for UNIX and Windows
Tivoli Software / IBM Software Group




<Prev in Thread] Current Thread [Next in Thread>

Archive operated by Skills 1st Ltd

See also: The NetView Web