Spectrum does not model IPSec Tunnel interfaces for Cisco ASA (Adaptive Security Appliance) firewall devices.

book

Article ID: 5038

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

IPSec tunnel interfaces are not modeled for CiscoASA device models.

Cause

TheCiscIPSecExtAp application model provides the intelligence for the creation of IPSec Tunnel interface models. Spectrum currently requires a device to provide data from the CISCO-IPSEC-MIB and CISCO-IPSEC-FLOW-MONITOR-MIB for the creation of the CiscIPSecExtAp application model creation. Cisco ASA devices do not provide data from the CISCO-IPSEC-MIB (the default attr is cipsIsakmpEnabled). 

Environment

Release: SDBSFO99000-10.2-Spectrum-Device Based Suite-Server FOC
Component:

Resolution

Cisco ASA devices do not provide data from the CISCO-IPSEC-MIB (the default attr is cipsIsakmpEnabled) therefore tunnel interfaces will not be modeled for Cisco ASA devices.