Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SNMP problem

SNMP works on port UPD 161, right?

i am trying to filter incoming SNMP packets by applying access-list on my incoming interface, its not working.

Any idea what can be the problem, are there multiple ports involve..just like FTP, for instance

3 REPLIES
Silver

Re: SNMP problem

SNMP Traps use 162. May be thats what you are getting.

Thanks.

Bronze

Re: SNMP problem

whats you access-list look like. Are you checking for 161 in the destination port?

Bronze

Re: SNMP problem

Are you trying to filter SNMP packets destined to the router itself? Typically the way this is done is by giving an access-list number in the snmp community statement:

snmp-server community public view myview RO 11

Then you create access-list 11 to restrict source hosts as appropriate, and it determines which hosts can and cannot send SNMP queries to your router.

Given the above, I suppose it's conceivable that normal access lists applied to an interface don't block SNMP traffic to the router itself. But I've never tried doing it this way, so I can only speculate.

105
Views
0
Helpful
3
Replies