Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SNMP ACL

I have an ACL tied to our SNMP traps, and Im not sure if its working or not.

Currently I have setup:

access-list 21 permit xx.xx.xx.xx

snmp-server community {string} RO 21

Should this not by default assign the access list and deny everything else?

According to the logs, I am getting a ton of SNMP failures which I assumed shouldnt even hit the log because of the ACL.

Jul 24 12:07:25 MDT: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 85.29.8.182

Jul 24 12:07:28 MDT: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 85.29.8.182

Jul 24 12:07:31 MDT: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 85.29.8.182

Jul 24 12:07:35 MDT: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 85.29.8.182

2 REPLIES

Re: SNMP ACL

Stuart,

The messages you are receiving aren't denies from the access list. It is a SNMP authentication failure. It appears that you have SNMP V3 setup. Make sure that the community and user name that are used in the SNMP request from the remote host have been configured on the router. Here is rather lengthy guide configuring SNMP on your device.

http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html

Mark

New Member

Re: SNMP ACL

To sent traps to one host you need to configure

snmp-server trap-source Loopback1 >> optional

snmp-server host 10.200.100.100

10.200.100.100 is the ip of the server that's receive the traps

--

Raul

746
Views
0
Helpful
2
Replies