Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SNMP ACL Issue

Recently we incporated an ACL on all our devices for the read SNMP string (had it for write). My ACL looks like this:

access-list 1300 remark ACS for SNMP Read

access-list 1300 permit host 10.1.1.150

access-list 1300 permit 10.1.17.0 0.0.0.254

access-list 1300 permit 10.1.8.0 0.0.0.254

access-list 1300 permit 10.1.36.0 0.0.0.255

access-list 1300 deny any log

snmp-server community XXXX RO 1300

When I look at the log 10.1.8.69 (Whats Up Server) is getting denied, falling into the deny any any section of this ACL? Any suggestions?

5 REPLIES

Re: SNMP ACL Issue

Hi,

your access-list has two wildcard masks of 0.0.0.254

This means any odd numbered host will be denied because the last bit in the IP address has to be zero. Replace it with 0.0.0.255 and it should work.

Hope this helps! Please rate all posts.

Regards, Martin

New Member

Re: SNMP ACL Issue

your permit 10.1.8.0 0.0.0.254 only permits even numbered devices on the last octet.

New Member

Re: SNMP ACL Issue

Our intention was to permit 10.1.8.X and 10.1.9.X with this line. What would that command look like?

Gold

Re: SNMP ACL Issue

access-list 1300 permit 10.1.8.0 0.0.1.255

now this will not work for the .17 if you want .17 and .18 youe will need to put in

access-list 1300 permit 10.1.17.0 0.0.0.255

access-list 1300 permit 10.1.18.0 0.0.0.255

Bronze

Re: SNMP ACL Issue

Hi

to permit only .8 andd .9 network i think u need two statements

access-list 1300 permit 10.1.8.0 0.0.0.255

access-list 1300 permit 10.1.9.0 0.0.0.255

Wildcard mask looks for exact match if 0 is their and if 1 is their it can be anything

If U want only single statement for both networks

try using this

access-list 1300 permit 10.1.8.0 0.0.9.255

HTH

Thanks

Raj

293
Views
0
Helpful
5
Replies
CreatePlease to create content