Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1635
Views
5
Helpful
3
Replies

SNMP and ACL's on CatOS

Go to solution
rkennedy
Level 1
Level 1

‎02-24-2003 11:52 AM - edited ‎03-02-2019 05:20 AM

I have put the following SNMP with ACL restrictions in place on my IOS based devices and I want to know can I use the same configuration on my CatOS devices with the same results. Here is the config:

no snmp-server community public RO

no snmp-server community private RW

snmp-server community CoolString RO 21

snmp-server community BetterString RW 21

snmp-server host 10.10.11.34 private

snmp-server system-shutdown

access-list 21 permit 192.168.0.1

Thanks,

Richard Kennedy

rkennedy@opers.org

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
eric_garnel
Level 1
Level 1

‎02-24-2003 12:09 PM

You can use the "set ip permit" command to allow only certain ip addresses or ranges to access the switch for management purposes

View solution in original post

Go to solution
milan.kulik
Level 10
Level 10

‎02-24-2003 11:59 PM

If you want to use several community strings (public, CoolString, e.g.) at the same time you can use "set snmp community-ext" command (available since CatOS 7.5(1)).

But using IP permit you can just specify which IP addresses are allowed to send SNMP commands generally but not particular community strings as in IOS.

E.g.: "set ip permit 192.168.0.1 snmp" allows PC with 192.168.0.1 IP address to send any SNMP command without specifying the community string permitted as is with IOS

snmp-server community CoolString RO 21

snmp-server community BetterString RW 21

access-list 21 permit 192.168.0.1

Regards,

Milan

View solution in original post

0 Helpful
3 Replies 3

Go to solution
eric_garnel
Level 1
Level 1

‎02-24-2003 12:09 PM

You can use the "set ip permit" command to allow only certain ip addresses or ranges to access the switch for management purposes

Go to solution
milan.kulik
Level 10
Level 10

‎02-24-2003 11:59 PM

If you want to use several community strings (public, CoolString, e.g.) at the same time you can use "set snmp community-ext" command (available since CatOS 7.5(1)).

But using IP permit you can just specify which IP addresses are allowed to send SNMP commands generally but not particular community strings as in IOS.

E.g.: "set ip permit 192.168.0.1 snmp" allows PC with 192.168.0.1 IP address to send any SNMP command without specifying the community string permitted as is with IOS

snmp-server community CoolString RO 21

snmp-server community BetterString RW 21

access-list 21 permit 192.168.0.1

Regards,

Milan

0 Helpful

Go to solution
rkennedy
Level 1
Level 1
In response to milan.kulik

‎02-25-2003 06:20 AM

Great, thank you to all that have replied.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents