Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CANAC and switches communication

Hi all,

I have NAC manager and server that manages alot of switches

i want to remove some of the switches so as nac can't manage those switches.

Best Regards,

Ayman Yehia

3 REPLIES

Re: CANAC and switches communication

So what is your question again ?

New Member

Re: CANAC and switches communication

HI Jan,

what i ment that i want to remove the switches from NAC device and make the NAC UNable to manage the switches without changing the community string .

i want to do any thing possible from the switch side so as to make the NAC CAN NOT manage those switches without changing the community string.

Regards,

Ayman Yehia

Re: CANAC and switches communication

You can use an access-list to filter out the ip addresses from the NAC system in your snmp commands on the switch. This will deny 10.10.10.10 to use snmp to the switch, and allow everything else.

access-list 10 deny 10.10.10.10

access-list 10 permit any
snmp-server community Public RO 10
snmp-server community Private RW 10

165
Views
0
Helpful
3
Replies