Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
607
Views
0
Helpful
1
Replies

NX-OS limit OID

jmperlewitz
Level 1
Level 1

‎01-27-2020 01:48 PM

I am trying to figure out how to limit users to only access certain OIDs when performing an SNMP Walk.  So far, I have created the following:

Role: limit-snmp
Description: new role
Vlan policy: permit (default)
Interface policy: permit (default)
Vrf policy: permit (default)
-------------------------------------------------------------------
Rule Perm Type Scope Entity 
-------------------------------------------------------------------
3 deny read oid * 
2 permit read oid 1.3.6.1.2.1.4.21.1.10.10.70.124.1
1 permit read feature snmp 

!

snmp-server community ***** group limit-snmp

However, when I test it, I am still getting multiple entries returned to me...

 

iso.3.6.1.2.1.16.22.1.2.2.1.12.1.952 = Counter32: 0
iso.3.6.1.2.1.16.22.1.2.2.1.13.1.952 = Counter64: 3242284259
iso.3.6.1.2.1.16.22.1.2.2.1.14.1.1 = Timeticks: (2371) 0:00:23.71
iso.3.6.1.2.1.16.22.1.2.2.1.14.1.399 = Timeticks: (370311571) 42 days, 20:38:35.71

 

Can you tell me what I am doing wrong?  Thanks

Labels:
0 Helpful
1 Reply 1

jmperlewitz
Level 1
Level 1

‎01-28-2020 08:18 AM

I figured it out:

 

Role: limit-snmp
Description: new role
Vlan policy: permit (default)
Interface policy: permit (default)
Vrf policy: permit (default)
-------------------------------------------------------------------
Rule Perm Type Scope Entity
-------------------------------------------------------------------
2 deny read feature snmp
1 permit read oid 1.3.6.1.2.1.47.1.1.1.1.7

0 Helpful
Customers Also Viewed These Support Documents