10-31-2010 05:21 AM - edited 03-09-2019 11:14 PM
Hi all,
I have NAC manager and server that manages alot of switches
i want to remove some of the switches so as nac can't manage those switches.
Best Regards,
Ayman Yehia
10-31-2010 01:53 PM
So what is your question again ?
10-31-2010 03:53 PM
HI Jan,
what i ment that i want to remove the switches from NAC device and make the NAC UNable to manage the switches without changing the community string .
i want to do any thing possible from the switch side so as to make the NAC CAN NOT manage those switches without changing the community string.
Regards,
Ayman Yehia
11-01-2010 02:16 AM
You can use an access-list to filter out the ip addresses from the NAC system in your snmp commands on the switch. This will deny 10.10.10.10 to use snmp to the switch, and allow everything else.
access-list 10 deny 10.10.10.10
access-list 10 permit any
snmp-server community Public RO 10
snmp-server community Private RW 10
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide