Spectrum does not model IPSec Tunnel interfaces for Cisco ASA (Adaptive Security Appliance) firewall devices.

Document ID : KB000005038
Last Modified Date : 20/12/2018
Show Technical Document Details
Issue:

IPSec tunnel interfaces are not modeled for CiscoASA device models.

Cause:

TheCiscIPSecExtAp application model provides the intelligence for the creation of IPSec Tunnel interface models. Spectrum currently requires a device to provide data from the CISCO-IPSEC-MIB and CISCO-IPSEC-FLOW-MONITOR-MIB for the creation of the CiscIPSecExtAp application model creation. Cisco ASA devices do not provide data from the CISCO-IPSEC-MIB (the default attr is cipsIsakmpEnabled). 

Resolution:

Spectrum 10.3.0 introduced an extension to the intelligence to the Cisco ASA model type. Tunnel interfaces will be modeled using MIBs additional to the currently required CISCO-IPSEC-MIB and the dependent CiscIPSecExtAp application model creation.