07-28-2008 04:36 PM
Hi Guys
What i would like to do is setup a "snmp view" and restrict access to specific interfaces and then limit access to certain mibs.
The problem is i have 10+ interfaces that i will need to snmp get from.
and if i have to define every OID for each interface then it will make my view config very large for example.
If i want to see ifInUcastPkts for 3 interfaces
OID 1.3.6.1.2.1.2.2.1.11
My SNMP view would be
snmp-server view roview ifEntry.11.10116 included
snmp-server view roview ifEntry.11.10124 included
snmp-server view roview ifEntry.11.10601 included
if i want ifAdminStatus
OID 1.3.6.1.2.1.2.2.1.7
snmp-server view roview ifEntry.7.10116 included
snmp-server view roview ifEntry.7.10124 included
snmp-server view roview ifEntry.7.10601 included
is there a way to cut down on the config using wildcards? and still have some sort of security
07-28-2008 05:41 PM
You can use a '*' as a wildcard in views. See http://www.cisco.com/en/US/docs/ios/12_3/configfun/command/reference/cfr_1g11.html#wp1033027 for more details.
07-28-2008 07:22 PM
Thats fine i did know that the wildcard existed but it only denotes a specific sub tree.
in my example i dont think it will work as if i use
snmp-server view roview ifEntry.*.10116 included
then all of the ifEntry.* subtree will be visible for that interface.
07-28-2008 07:48 PM
Yes, that's true. There is no range wildcard or mask that can be applied.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: