cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
681
Views
0
Helpful
4
Replies
Highlighted
Beginner

disable snmp on ios

hi,

I have few routers (1841, 1941, 3825, 3925 and new 4k).

I managed them from inside interface and to do that I have this configuration :

access-list 1 permit a.b.c.d
snmp-server community xxxxx RO 1

 

that works well.

 

But in scanning all udp ports from outside (internet), nmap detected that :

161/udp open snmp Cisco SNMP service; ciscoSystems SNMPv3 server
| snmp-info:
| enterprise: ciscoSystems
| engineIDFormat: mac
| engineIDData: macaddress_hidden
| snmpEngineBoots: 17
|_ snmpEngineTime: 1d05h34m16s

 

So how is it possible while I have ACLs ? how to disable snmpv3 cause I use only v2c ?

Right now I use as workaround an ACL denying snmp applied on outside interface.

If you have an idea

thanks

 

Nicolas

4 REPLIES 4
Highlighted
VIP Mentor

Hello

Show run | in snmp



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Highlighted

snmp-server community xxxxxx RO 1
snmp-server location yyyyyy
snmp-server contact Nicolas Vanhaute
snmp ifmib ifindex persist

Highlighted

Hello

Possibly try example-
snmp-server group SNMP v2c access 1
snmp-server community xxxxxx view Allow-Mib RO 1
snmp-server view Allow-Mib mib-2 included
snmp-server view Allow-Mib cisco included



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Highlighted

not better (no changes) and even worse cause now my monitoring system can't get information from snmp requests

a simple snmpwalk gives me now : iso.3.6.1.2.1 = No more variables left in this MIB View (It is past the end of the MIB tree)