cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

311
Views
2
Helpful
4
Replies
Beginner

SNMP Clarification

Hi,

I am configuring snmp so I can use the Cisco Network Assistant to monitor part of the network. I have created two communities with different names. Something like this: baycom and baycomrw. The one with read and write access is associated with an access list that permits only one host to make the changes.

I have configured my workstation with the CNA application and I connected to the read-only community but even though is read-only I can still make changes to my switches. Can someone explain why?

The default CNA setup is read/write but why is my switch allowing it if the community I am connected to is RO?

Thanks for your help.

4 REPLIES 4
Rising star

Re: SNMP Clarification

HI Rafael Garcia, [Pls Rate if HELPS]

Your configurartion should be something like shown below:

ACL 98 for RO adn ACL 99 for RW.

access-list 98 permit xxx.xxx.xxx.0 0.0.0.255

access-list 98 permit xxx.xxx.xxx.0 0.0.0.255

access-list 98 deny any

access-list 99 permit xxx.xxx.xxx.0 0.0.0.255

access-list 99 permit xxx.xxx.xxx.0 0.0.0.255

access-list 99 deny any

snmp-server community baycom RO 98

snmp-server community baycomrw RW 99

snmp-server host xxx.xxx.xx.xx baycom

snmp-server host xxx.xxx.xxx.xxx baycom

PLS RATE if HELPS

Best Regards,

Guru Prasad R

Cisco Employee

Re: SNMP Clarification

Can you post your config here? just change the IP address and comm strings

Beginner

Re: SNMP Clarification

Hi,

Thank your for your replies. My configuration looks like the one above. I have tested the configuration using another application since the CNA doesn't provide enough choices to configure and it worked. The application could connect to the RO community since it was open, but it couldn't connect to the RW community since it was controlled by an access list and the host I was connecting from was not part of it.

Thanks again for all your help.

Rising star

Re: SNMP Clarification

HI, [Do RATE ALL HELPFUL POSTS]

Nice to hear it worked for you.

>> Just modify the ACL by allowing the HOST with RW Community String.

>> Do RATE ALL HELPFUL POSTS

Best Regards,

Guru Prasad R

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards