12-11-2007 01:49 PM
Hi,
I am configuring snmp so I can use the Cisco Network Assistant to monitor part of the network. I have created two communities with different names. Something like this: baycom and baycomrw. The one with read and write access is associated with an access list that permits only one host to make the changes.
I have configured my workstation with the CNA application and I connected to the read-only community but even though is read-only I can still make changes to my switches. Can someone explain why?
The default CNA setup is read/write but why is my switch allowing it if the community I am connected to is RO?
Thanks for your help.
12-11-2007 11:14 PM
HI Rafael Garcia, [Pls Rate if HELPS]
Your configurartion should be something like shown below:
ACL 98 for RO adn ACL 99 for RW.
access-list 98 permit xxx.xxx.xxx.0 0.0.0.255
access-list 98 permit xxx.xxx.xxx.0 0.0.0.255
access-list 98 deny any
access-list 99 permit xxx.xxx.xxx.0 0.0.0.255
access-list 99 permit xxx.xxx.xxx.0 0.0.0.255
access-list 99 deny any
snmp-server community baycom RO 98
snmp-server community baycomrw RW 99
snmp-server host xxx.xxx.xx.xx baycom
snmp-server host xxx.xxx.xxx.xxx baycom
PLS RATE if HELPS
Best Regards,
Guru Prasad R
12-12-2007 06:22 AM
Can you post your config here? just change the IP address and comm strings
12-12-2007 06:55 AM
Hi,
Thank your for your replies. My configuration looks like the one above. I have tested the configuration using another application since the CNA doesn't provide enough choices to configure and it worked. The application could connect to the RO community since it was open, but it couldn't connect to the RW community since it was controlled by an access list and the host I was connecting from was not part of it.
Thanks again for all your help.
12-12-2007 08:36 PM
HI, [Do RATE ALL HELPFUL POSTS]
Nice to hear it worked for you.
>> Just modify the ACL by allowing the HOST with RW Community String.
>> Do RATE ALL HELPFUL POSTS
Best Regards,
Guru Prasad R
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide