Showing results for 
Search instead for 
Did you mean: 

SNMP ACLs without applying on an interface

umer zubairi



I was looking at some configurations on 3850 switches where the engineer has configured the standard and extended ACLs for SNMP, but surprisingly they were not applied to any of the ingress or egress interfaces.


Don't know what's the reason, please help me understanding this.


Kind Regards


Francesco Molino
VIP Mentor VIP Mentor
VIP Mentor

Acl for snmp community are applied on snmp config. Can you share your snmp config and acl? The acl can be applied by using different command but usually it's done with snmp-server community.

PS: Please don't forget to rate and select as validated answer if this answered your question

Joseph W. Doherty
Hall of Fame Master Hall of Fame Master
Hall of Fame Master
As Francesco has already noted, a SNMP ACL can be assigned to SNMP community string. This then uses that ACL against a SNMP request using that community from any port.

You could use port ACLs, but then you couldn't have different ACLs per SNMP community.

Another advantage of attaching the ACLs to the SNMP community, it doesn't subject all other port traffic to the SNMP ACL. The SNMP ACL is only applied to traffic using a specific SNMP community to the device.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: