Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACL,s for SNMP issues

Our NMS is getting hit by lots of

Authentication failure traps from our Cisco devices as IT insist on snmp polling our entire network.

To stop this I have put an ACL on the snmp-server community line. ie

access-list 58 permit z.z.z.z 0.0.0.255

access-list 58 permit y.y.y.y 0.0.0.255

access-list 58 permit x.x.x.x 0.0.3.255

snmp-server community ****** RO 58

snmp-server community ****** RW 58

This seems to have stopped some of the devices from sending authentication failure traps to our NMS but others are still sending traps although the snmp requester should be getting dropped by the ACL (particularly 7200's and cat4500) seem to ignoring this

Is there any known reason why this would be happening

1 REPLY

Re: ACL,s for SNMP issues

Hello Chris,

You are using a standard ACL to limit snmp access. A standard ACL checks on the source adress of the snmp packet. Therefore it will only block incoming snmp traffic but it will not keep the device from sending traps.

Regards,

Leo

108
Views
0
Helpful
1
Replies
CreatePlease login to create content