cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11562
Views
0
Helpful
5
Replies

Changing Default SNMP port in router

prasad.gsmc
Level 1
Level 1

Hi All,

Is it possible to make the router listen to ports other than 161 for SNMP ?? can ip port-map help in this... MY NMS SNMP port to be changed to non 161 due to security issue

5 Replies 5

Joe Clarke
Cisco Employee
Cisco Employee

This is not possible. You can send traps to non-default ports, but the SNMP agent will always bind to udp/161.

Hi,

 

in that case, mind to share how in this image snmp port is 162 ?

 

snmp port.jpg

marce1000
VIP
VIP

 

 - As stated already , not possible, in terms of security awareness , it would be a rightfull action for any snmp manager software to not trust an snmp service, which is not running on the designated standard snmp port.

M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

so is it correct to say that you can make the router to listen on other ports other than 161 but it is not a advisable security practice?

 

The image is from cisco itself.

 

 - CISCO (IOS) doesn't,  have that possibility (to change the snmp-listening-port); you can only do that in native unix (linux) systems, AND INDEED, it  can be considered as bad security practice. The 162 you see in the image is the trap destination port.

M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Review Cisco Networking for a $25 gift card