Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
977
Views
0
Helpful
0
Replies

Issue with deny snmpv1 / policy-map no match

Aliminna
Level 1
Level 1

‎11-17-2020 04:15 AM - edited ‎01-07-2021 07:21 AM

Hello everyone,

 

I have a problem on a ASA 5505.
I want to preclude the version 1 of SNMP.

First i tried the command "snmp deny version 1" but it didn't work.

________________________

Then, i tried this configuration :

 

(config)#snmp-map nov1here

(config-snmp-map)# deny version 1

 

(config)# access-list aclnov1here extended permit udp any any eq snmptrap

(config)# access-list aclnov1here extended permit udp any any eq snmp

 

(config)# class-map snmp-block-nov1here

(config-cmap)# match access-list aclnov1here

 

(config-cmap)# policy-map policynov1here

(config-pmap)# class snmp-block-nov1here

(config-pmap)# inspect snmp nov1here

 

(config-pmap-c)# service-policy policynov1here interface test

__________________

But now when I do :

 

#show service-policy

 

I can see the policy does not match with packets and neither does the ACL. I can also always request in version 1.

 

Is someone see where my problem is ?

 

0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card