01-12-2015 10:53 AM - edited 02-21-2020 05:22 AM
Hello,
I am confused on how I would go about writing my ACL to only allow one IP to access an SNMP string and deny everyone else. Can anyone help me?
01-12-2015 11:56 AM
Hi there. Take a look at the link below and let us know if you still have any questions:
Thank you for rating helpful posts!
01-12-2015 12:06 PM
Hi Velezm111,
What I think you are asking is how do you utilize the ACL functionality option at the end of the community string to only allow one SNMP manager to gain access to the SNMP agent?
If that is the case first create a standard access list. (Remember this is an ACL within the range of 1-99)
enable
configure terminal
ip access-list standard 99
permit host (insert single ip)
At this point you have your ACL, now apply it to the community string
Snmp-server community (insert string) 99 (specify rw or ro)
Hope this helped
01-12-2015 01:32 PM
Thank you for your reply! Yes I already created that standard acl and snmp community. now I just want to make sure no one else can access it except the IP I permitted on the first acl. How can I create an ACL so no one else can access it?
01-12-2015 01:55 PM
The command Snmp-server community (insert string) 99 (specify rw or ro) would specify that only the IPs allocated in ACL 99 would be allowed to be an SNMP manager for the SNMP Agent
So in this instance the community string will act like a password
Where the ACL you specify in the string will say only these IPs can give the password
Hope this helps
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide