Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
648
Views
0
Helpful
2
Replies

SNMP ACLs without applying on an interface

umer zubairi
Level 1
Level 1

‎12-27-2017 02:18 PM - edited ‎03-08-2019 01:14 PM

Experts

 

I was looking at some configurations on 3850 switches where the engineer has configured the standard and extended ACLs for SNMP, but surprisingly they were not applied to any of the ingress or egress interfaces.

 

Don't know what's the reason, please help me understanding this.

 

Kind Regards

Labels:
0 Helpful
2 Replies 2

Francesco Molino
VIP Alumni
VIP Alumni

‎12-27-2017 06:12 PM

Hi

Acl for snmp community are applied on snmp config. Can you share your snmp config and acl? The acl can be applied by using different command but usually it's done with snmp-server community.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎12-28-2017 05:47 AM

As Francesco has already noted, a SNMP ACL can be assigned to SNMP community string. This then uses that ACL against a SNMP request using that community from any port.

You could use port ACLs, but then you couldn't have different ACLs per SNMP community.

Another advantage of attaching the ACLs to the SNMP community, it doesn't subject all other port traffic to the SNMP ACL. The SNMP ACL is only applied to traffic using a specific SNMP community to the device.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card