SNMPv3 granular access control for traps and reads?

Answered Question

Is it possible to create a SNMPv3 user which can only be used for traps (SNMP GET requests will not be allowed from the same NMS)?

It seems that creating "notify group" also allows reads:

snmp-server group trapgroup v3 auth notify v1default

show snmp group

groupname: trapgroup security model:v3 auth

readview : v1default writeview: <no writeview specified>

notifyview: v1default

row status: active

I have this problem too.
0 votes
Correct Answer by Joe Clarke about 8 years 2 months ago

Sure, just create a bogus read view. For example:

snmp-server view noread iso excluded

snmp-server group notifGroup v3 auth notify v1default read noread

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.

Actions

This Discussion