I have a customer, due to cost saving, recently migrated from
a checkpoint NGx firewall over to Cisco ASA 5510
firewall with 8.0(3).
There is a Linux host on the internal network that supports
snmp version 1, 2c and 3. I want host Linux_internal to querry
host SNMP_Server with snmp version 1 or 2c; however, Linux_vendors
has to use snmp version 3 to querry the SNMP_Server host because
they are going across the Internet and that I want the snmp
traffic to be encrypted.
I want to know how it can be done with ASA5510. Prior to the
migration over to the ASA5510, I used Checkpoint firewall
integrated SmartDefense to make this work.
Is it possible with ASA to block access snmp version 1 and 2c
over the Internet and allow only snmp version 3?