[unisog] Getting ARP tables from Cisco switches via snmp --
jens.haeusser at ubc.ca
Wed Jan 7 21:18:48 GMT 2004
We have a similar database in place, and are having the same issues ith
our Cisco PIXes. Right now we get the ARP tables by logging into the
PIXes and screen-scraping, but we'd love to do it via SNMP as well. If
anyone knows how to get the ARP table from a PIX via SNMP, we'd be
greatful for the information.
Manager, Information Security Office
University of British Columbia
Russell Fulton wrote:
>Seasons Greetings to All,
>Does anyone know the OID to retrieve ARP tables from Cisco switches?
>We are working on a project to maintain a map of MAC, IP addrs and
>switch ports in a database that we can easily interrogate (even if the
>machine we are looking for is not on line). We discovered the need for
>this during the frenzy of patching in the latter part of last year when
>we had frequent problems with tracking down vulnerable machines.
>WE have long maintained a data base built from the ARP tables of the
>routers that allows us to keep track of the mapping on MAC to IP and we
>want to extend this out to the edge switches.
>We can get the data by logging in and using command line functions to
>dump the tables but would much prefer to get the information via snmp.
>The problem is that we cannot find the OID to access the tables on our
>cisco switches. We have used snmp_walk to go though the mib but have
>not found anything. Cisco must be using different naming conventions
>within the min between the routers and switches. Sigh....
>Cheers and thanks, Russell
More information about the unisog