07-28-2008 04:36 PM
Hi Guys
What i would like to do is setup a "snmp view" and restrict access to specific interfaces and then limit access to certain mibs.
The problem is i have 10+ interfaces that i will need to snmp get from.
and if i have to define every OID for each interface then it will make my view config very large for example.
If i want to see ifInUcastPkts for 3 interfaces
OID 1.3.6.1.2.1.2.2.1.11
My SNMP view would be
snmp-server view roview ifEntry.11.10116 included
snmp-server view roview ifEntry.11.10124 included
snmp-server view roview ifEntry.11.10601 included
if i want ifAdminStatus
OID 1.3.6.1.2.1.2.2.1.7
snmp-server view roview ifEntry.7.10116 included
snmp-server view roview ifEntry.7.10124 included
snmp-server view roview ifEntry.7.10601 included
is there a way to cut down on the config using wildcards? and still have some sort of security
07-28-2008 05:41 PM
You can use a '*' as a wildcard in views. See http://www.cisco.com/en/US/docs/ios/12_3/configfun/command/reference/cfr_1g11.html#wp1033027 for more details.
07-28-2008 07:22 PM
Thats fine i did know that the wildcard existed but it only denotes a specific sub tree.
in my example i dont think it will work as if i use
snmp-server view roview ifEntry.*.10116 included
then all of the ifEntry.* subtree will be visible for that interface.
07-28-2008 07:48 PM
Yes, that's true. There is no range wildcard or mask that can be applied.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide