Solved: SNMP ACL on Nexus

Max-o_o-Power · ‎02-21-2018

Hello,

I am trying to create a SNMP ACL on a Nexus 9K. Previously I have created them using command similar to:

snmp-server community MyCommunityString RO 1

However, from what I can gather on the new commands, I have the following created to try to create the equivalent of the above:

ip access-list MyACL
10 permit udp 10.1.1.1/32 eq snmp any

snmp-server community PSCUMARS group network-operator

snmp-server community MyCommunityString use-acl MyACL

However, this is not working when we scan but will work if I remove the ACL.

Any ideas?

Mark Malone · ‎02-21-2018

hmm maybe it try it like the doc and specify host to host see if that gets the acl working

n7000(config)# ip access-list snmp-acl
n7000(config-acl)# permit udp host x.x.x.x host x.x.x.x eq snmp
n7000(config)# snmp-server community <password> group network-operator
n7000(config)# snmp-server community <password> use-acl snmp-acl

View solution in original post

Mark Malone · ‎02-21-2018

hmm maybe it try it like the doc and specify host to host see if that gets the acl working

n7000(config)# ip access-list snmp-acl
n7000(config-acl)# permit udp host x.x.x.x host x.x.x.x eq snmp
n7000(config)# snmp-server community <password> group network-operator
n7000(config)# snmp-server community <password> use-acl snmp-acl

Max-o_o-Power · ‎02-21-2018

That seems to have resolved it, thanks!