Wednesday, 24 April 2013

Showing SNMP Strings in a Cisco ASA

Hi Everyone. So... not a single post since October last year! Must try harder...

Trying to figure out what you have configured for an SNMP String on a Cisco ASA can be pain in the arse on ASA version 8 and up. (It looks like they are shown in plain text in versions 7 and earlier). You look at the running configuration


ASA# sh run | inc snmp
 snmp-server host INTERFACE 10.1.1.1 poll community ***** version 2c


 no snmp-server location
 no snmp-server contact
 snmp-server community *****
 snmp-server enable traps snmp authentication linkup linkdown coldstart

You think to yourself (or I do anyway) maybe its not shown in the running config but it is shown in the startup configuration;

ASA# sh start | inc snmp
 snmp-server host INTERFACE 10.1.1.1 poll community ***** version 2c
 no snmp-server location
 no snmp-server contact
 snmp-server community *****
 snmp-server enable traps snmp authentication linkup linkdown coldstart

Nope!

The trick is to simply access the running configuration at a file level to revel it's dirty SNMP secrets;

ASA# more system:running-config | inc snmp
 snmp-server host INTERFACE 10.1.1.1 poll community C0munit7Str1ng version 2c
 no snmp-server location
 no snmp-server contact
 snmp-server community C0munit7Str1ng 
 snmp-server enable traps snmp authentication linkup linkdown coldstart
ASA#

Kick Ass!
Posted by at No comments:
Subscribe to: Posts (Atom)