Solved: Can not apply IPv4 and Ipv6 ACL concurrently to control snmp access

Yi Fan XU · ‎07-14-2014

Hi All!

Recently I am trying to harden the switch and router snmp access.

But I realized that I can only apply one acl, either IPv4 acl or IPv6 acl.

Below are acl configuration.

access-list 12 permit 192.168.160.120

ipv6 access-list IPV6-SNMP-ACL
deny ipv6 any any log

First I control access using access-list 12 without problem.

snmp-server user username groupname v3 access 12

Then I control access using Ipv6 nacl. There is no problem to apply.

snmp-server user username groupname v3 access ipv6 IPV6-SNMP-ACL

But I do "sh run", I only see v6 access list applied.

Then i re-apply v4 access-list and do "sh run". This time I only see v4 access list applied.

Is this the limitation of IOS?

For information, router is running with c1900-universalk9-mz.SPA.151-4.M8.bin

switch is running with c3560e-universalk9-mz.150-2.SE6.bin

Thanks!

nkarthikeyan · ‎07-15-2014

Hi,

You can try like this.

snmp-server user username groupname v3 access ipv6 IPV6-SNMP-ACL 12

Regards

Karthik

nkarthikeyan · ‎07-15-2014

Hi,

You can try like this.

snmp-server user username groupname v3 access ipv6 IPV6-SNMP-ACL 12

Regards

Karthik