Hello everyone,
I have a problem on a ASA 5505.
I want to preclude the version 1 of SNMP.
First i tried the command "snmp deny version 1" but it didn't work.
________________________
Then, i tried this configuration :
(config)#snmp-map nov1here
(config-snmp-map)# deny version 1
(config)# access-list aclnov1here extended permit udp any any eq snmptrap
(config)# access-list aclnov1here extended permit udp any any eq snmp
(config)# class-map snmp-block-nov1here
(config-cmap)# match access-list aclnov1here
(config-cmap)# policy-map policynov1here
(config-pmap)# class snmp-block-nov1here
(config-pmap)# inspect snmp nov1here
(config-pmap-c)# service-policy policynov1here interface test
__________________
But now when I do :
#show service-policy
I can see the policy does not match with packets and neither does the ACL. I can also always request in version 1.
Is someone see where my problem is ?