05-29-2012 09:32 AM - edited 03-04-2019 04:30 PM
Hi, I have a Site to Site IPSEC VPN with a client.
Recently I saw 100% CPU on my router, and sh process CPU sorted shows SNMP-Engine eating all CPU.
When I disabled SNMP-Server on my router, everything is good.
In debug I can see some strange packets coming from my CLIENT side subnets.
How can I block them?
I tried deny SNMP on border interface, but no success. Any suggestion how I can block them? Client is unable to block it on his side towards me :-s
May 22 12:10:33.358: SNMP: Response, reqid 657, errstat 0, erridx 0
ipNetToMediaEntry.2.18.10.10.164.200 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.164.200 = 10.10.164.200
ipNetToMediaEntry.4.18.10.10.164.200 = 3
ipNetToMediaEntry.1.18.10.10.164.200 = 18
ipNetToMediaEntry.2.18.10.10.164.228 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.164.228 = 10.10.164.228
ipNetToMediaEntry.4.18.10.10.164.228 = 3
ipNetToMediaEntry.1.18.10.10.164.228 = 18
ipNetToMediaEntry.2.18.10.10.164.238 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.164.238 = 10.10.164.238
ipNetToMediaEntry.4.18.10.10.164.238 = 3
ipNetToMediaEntry.1.18.10.10.164.238 = 18
ipNetToMediaEntry.2.18.10.10.164.250 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.164.250 = 10.10.164.250
ipNetToMediaEntry.4.18.10.10.164.250 = 3
ipNetToMediaEntry.1.18.10.10.164.250 = 18
ipNetToMediaEntry.2.18.10.10.165.11 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.165.11 = 10.10.165.11
ipNetToMediaEntry.4.18.10.10.165.11 = 3
ipNetToMediaEntry.1.18.10.10.165.11 = 18
ipNetToMediaEntry.2.18.10.10.165.57 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.165.57 = 10.10.165.57
ipNetToMediaEntry.4.18.10.10.165.57 = 3
ipNetToMediaEntry.1.18.10.10.165.57 = 18
ipNetToMediaEntry.2.18.10.10.165.60 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.165.60 = 10.10.165.60
ipNetToMediaEntry.4.18.10.10.165.60 = 3
ipNetToMediaEntry.1.18.10.10.165.60 = 18
ipNetToMediaEntry.2.18.10.10.165.100 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.165.100 = 10.10.165.100
ipNetToMediaEntry.4.18.10.10.165.100 = 3
ipNetToMediaEntry.1.18.10.10.165.100 = 18
ipNetToMediaEntry.2.18.10.10.165.128 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.165.128 = 10.10.165.128
ipNetToMediaEntry.4.18.10.10.165.128 = 3
ipNetToMediaEntry.1.18.10.10.165.128 = 18
ipNetToMediaEntry.2.18.10.10.165.131 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.165.131 = 10.10.165.131
ipNetToMediaEntry.4.18.10.10.165.131 = 3
ipNetToMediaEntry.1.18.10.10.165.131 = 18
ipNetToMediaEntry.2.18.10.10.165.146 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.165.146 = 10.10.165.146
ipNetToMediaEntry.4.18.10.10.165.146 = 3
ipNetToMediaEntry.1.18.10.10.165.146 = 18
ipNetToMediaEntry.2.18.10.10.165.150 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.165.150 = 10.10.165.150
ipNetToMediaEntry.4.18.10.10.165.150 = 3
ipNetToMediaEntry.1.18.10.10.165.150 = 18
ipNetToMediaEntry.2.18.10.10.165.159 = 00 17 59 26 5D C0
ipNetToMediaEntry.3.18.10.10.165.159 = 10.10.165.159
ipNetToMediaEntry.4.18.10.10.165.159 = 3
05-29-2012 03:14 PM
Here's a link that might prove helpful:
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094489.shtml
Essentially, you can secure your SNMP communities by getting away from public and private, as well as secure access via an ACL.
HTH!
-Chris
05-31-2012 04:21 AM
Hi cflory,
Thank you for this useful document.
After creating the discussion here, I also found the same and fixed the issue.
And it works, so you get full marks. Thank you for your knowledge sharing.
05-30-2012 10:53 PM
Hi,
Alternatively, you can configure your end client only to send particular MIB query...
This is generally done by configuring snmp view included statements...
Please rate if helpful !!!
HTH,
Smitesh
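The two suggestions in this thread (a non-default community restricted by an ACL, and an SNMP view) can be combined on the router being polled. The following IOS configuration is an added example, not taken from any post above: the ACL number 10, the view name NOARP, the management station address 192.0.2.10 and the community placeholder are all assumptions to replace with local values.

```cisco
! Added example. ACL number, view name, NMS address and community
! string are assumed placeholders, not values from the thread.
!
! Weak setting this replaces: default community names that any
! source, including hosts reached over the VPN, can poll.
no snmp-server community public
no snmp-server community private
!
! 1. Only the management station may query SNMP. The community ACL
!    matches on source address, whichever interface or tunnel the
!    request arrives on.
access-list 10 permit host 192.0.2.10
access-list 10 deny   any log
!
! 2. A view that exposes the MIB tree but hides the ARP table
!    (ipNetToMediaTable, the object being walked in the debug output
!    above). If the name is not recognised, use the numeric OID
!    1.3.6.1.2.1.4.22 instead.
snmp-server view NOARP iso included
snmp-server view NOARP ipNetToMediaTable excluded
!
! 3. Bind a non-default read-only community to both the view and the ACL.
snmp-server community <REPLACE-WITH-NON-DEFAULT-STRING> view NOARP RO 10
```

After applying it, `show snmp community` and `show access-lists 10` show the binding and the hit counters for denied sources.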