[unisog] Getting ARP tables from Cisco switches via snmp -- slightly OT

Jens Haeusser jens.haeusser at ubc.ca
Wed Jan 7 21:18:48 GMT 2004


We have a similar database in place, and are having the same issues ith 
our Cisco PIXes. Right now we get the ARP tables by logging into the 
PIXes and screen-scraping, but we'd love to do it via SNMP as well. If 
anyone knows how to get the ARP table from a PIX via SNMP, we'd be 
greatful for the information.

Jens Haeusser
Manager, Information Security Office
University of British Columbia

Russell Fulton wrote:

>Seasons Greetings to All,
>
>
>Does anyone know the  OID to retrieve ARP tables from Cisco switches?
>
>Background:
>
>We are working on a project to maintain a map of MAC, IP addrs and
>switch ports in a database that we can easily interrogate (even if the
>machine we are looking for is not on line).  We discovered the need for
>this during the frenzy of patching in the latter part of last year when
>we had frequent problems with tracking down vulnerable machines.
>
>WE have long maintained a data base built from the ARP tables of the
>routers that allows us to keep track of the mapping on MAC to IP and we
>want to extend this out to the edge switches.
>
>We can get the data by logging in and using command line functions to
>dump the tables but would much prefer to get the information via snmp. 
>The problem is that we cannot find the OID to access the tables on our
>cisco switches.  We have used snmp_walk to go though the mib but have
>not found anything.  Cisco must be using different naming conventions
>within the min between the routers and switches.  Sigh....
>
>Cheers and thanks, Russell
>
>  
>



More information about the unisog mailing list