Actually. netmon will monitor that failover
for you and generate a special event when it occurs. See the Fixpack 4
release notes:
PIX Firewall Failover support
IBM Tivoli NetView provides support for monitoring the
Cisco PIX Firewall Failover conditions. NetView can monitor the failover
state of the PIX devices during normal status polling. When a failover
occurs, a new event is generated announcing whether the active addresses
are on the primary or secondary device. In addition, the operator can see
on the map when the active addresses are on the secondary device, which
indicates that a failover has occurred and action should be taken to prevent
a further failure that disables the firewalls. The management interface
shows USER2 status, which is usually purple (by default). This propagates
to change the PIX device symbol to marginal. When the active addresses
are returned to the primary device, an event announces this fact and the
status on the map returns to Normal.
Use the netmon.seed file to configure both the PIX Firewall
Failover machines and to set and lock the SNMP address.
For more information on the PIX Firewall Failover support
see the /usr/OV/doc/PixFailoverReadme.pdf file.
Cordially,
Leslie A. Clark
IT Services Specialist, Network Mgmt
Information Technology Services Americas
IBM Global Services
(248) 552-4968 Voicemail, Fax, Pager
"Catalina Martinez"
<Catalina.Martinez AT tlc.state.tx DOT us>
Sent by: nv-l-bounces AT lists.ca.ibm DOT com
12/08/2006 10:23 AM
Please respond to
Tivoli NetView Discussions <nv-l AT lists.ca.ibm DOT com> |
|
To
| "Tivoli NetView Discussions"
<nv-l AT lists.ca.ibm DOT com>
|
cc
| nv-l AT lists.us.ibm DOT com
|
Subject
| [NV-L] cisco pix firewall |
|
Hello,
Running Netview 7.1.4
FP 4, AIX 5.2.. Cisco PIX 535 version 6.3
I've been tasked with
creating an alert when the PIX fails over (from primary to secondary /
and vice versa). I currently have a separate window when certain devices
go down, and I also have pop-up windows when a link down trap is received
from a critical devices..
If I remember right,
there is a trap that is sent when a PIX fails over? If I can
determine the right trap then I can use that to generate a popup or email
message. Is there any special configuration to netmon.seed?
Has anyone successfully
monitored a failover?
Thanks
Catalina
_______________________________________________
NV-L mailing list
NV-L AT lists.ca.ibm DOT com
Unsubscribe:NV-L-leave AT lists.ca.ibm DOT com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to
internal IBM'ers only)
_______________________________________________
NV-L mailing list
NV-L AT lists.ca.ibm DOT com
Unsubscribe:NV-L-leave AT lists.ca.ibm DOT com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to
internal IBM'ers only)
|