SNMP Support over VPNsContext Based Access Control
I am a little confused as to what this feature is designed to provide. I've been experimenting with this based on the examples in the CCO documentation.
Can anyone offer me any insight into the design of this feature?
My initial understanding was that all of the MIB data would be available (unless limited by a view) and that the contexts would limit access on a per VRF basis. For example
VRF Customer_A1 could be in contextA
VRF Customer_A2 could also be in contextA
VRF Customer_B could be in contextB.
When a walk query was performed on the MPLS-VPN MIB then only the data for the VRFs in the relevant context would be shown - so UserA (in GroupA which is associated with contextA) could see data about the Customer_A1 and Customer_A2 VRFs only, and UserB (in GroupB which is associated with contextB) could only see the information in contextB.
It seems that my theories weren't quite right - the vrf <-> context <-> group relationship appears to be a little strange. A context must be unique and cannot be duplicated between VRFs - this means that CustomerA that has two (or possibly more) VRFs on a router can't see data on both using the userA login?
It also appears that this feature doesn't work with views enabled on 12.3(7)T, and the data provided when context alone is used is limited to a subset of the IP-Forwarding MIB?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...