cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
541
Views
0
Helpful
2
Replies

SNMPv3 granular access control for traps and reads?

ovt
Level 4
Level 4

Is it possible to create a SNMPv3 user which can only be used for traps (SNMP GET requests will not be allowed from the same NMS)?

It seems that creating "notify group" also allows reads:

snmp-server group trapgroup v3 auth notify v1default

show snmp group

groupname: trapgroup security model:v3 auth

readview : v1default writeview: <no writeview specified>

notifyview: v1default

row status: active

1 Accepted Solution

Accepted Solutions

Joe Clarke
Cisco Employee
Cisco Employee

Sure, just create a bogus read view. For example:

snmp-server view noread iso excluded

snmp-server group notifGroup v3 auth notify v1default read noread

View solution in original post

2 Replies 2

Joe Clarke
Cisco Employee
Cisco Employee

Sure, just create a bogus read view. For example:

snmp-server view noread iso excluded

snmp-server group notifGroup v3 auth notify v1default read noread

brilliant!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco