05-28-2020 10:15 AM
Hello,
I am trying to set up SNMP v3 on our Catalyst 2960 switches.
I got the configuration set up and it's working. But I noticed SNMP information can be pulled from other NMS if correct credentials are provided.
Below is my SNMP config on Catalyst 2960 (we have various 2960s in our production network):
snmp-server engineID remote 10.X.X.X <engineID>
snmp-server group <groupname> v3 priv
snmp-server user <username> <groupname> remote 10.X.X.X v3 auth sha <password1> priv aes 128 <password2>
snmp-server host 10.X.X.X version 3 priv <username>
I would like to only allow 1 NMS to poll the SNMP information and restrict others from polling.
05-28-2020 10:28 AM
Hi,
You should be able to add an access-list.
See link with an example:
https://community.cisco.com/t5/switching/snmp-v3-access-list-with-3850-switch/td-p/3840283
HTH
05-28-2020 10:41 AM
Adding the ACL fixed the issue:
access-list 10 permit host 10.X.X.X
access-list 10 deny any
snmp-server group <groupname> v3 priv access 10
snmp-server user <username> <groupname> v3 auth sha <password1> priv aes 128 <password2> access 10
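
An added example, not part of the original thread and not Cisco tooling: a Python check over saved config text that flags SNMPv3 group or user lines with no ACL, or whose numbered standard ACL permits sources other than the one NMS. The sample configs, names, passwords and the 192.0.2.10 address are constructed placeholders.

```python
import re

# Constructed sample configs; names, passwords and 192.0.2.10 are placeholders.
BEFORE = """\
snmp-server group NMSGROUP v3 priv
snmp-server user nmsuser NMSGROUP v3 auth sha AUTHPASS priv aes 128 PRIVPASS
"""
AFTER = """\
access-list 10 permit host 192.0.2.10
access-list 10 deny any
snmp-server group NMSGROUP v3 priv access 10
snmp-server user nmsuser NMSGROUP v3 auth sha AUTHPASS priv aes 128 PRIVPASS access 10
"""

ACL_RE = re.compile(r"^access-list (\d+) (permit|deny) (.+)$")
SNMP_RE = re.compile(r"^snmp-server (group|user) (\S+) .*?\bv3\b(.*)$")
REF_RE = re.compile(r"\baccess (\S+)\s*$")

def parse_acls(config):
    """Map numbered standard ACL id -> list of (action, source) entries."""
    acls = {}
    for line in config.splitlines():
        m = ACL_RE.match(line.strip())
        if m:
            src = re.sub(r"^host ", "", m.group(3).strip())  # "host A" == "A"
            acls.setdefault(m.group(1), []).append((m.group(2), src))
    return acls

def audit_snmpv3(config, allowed_nms):
    """Return findings for SNMPv3 group/user lines not limited to allowed_nms."""
    acls, findings = parse_acls(config), []
    for line in config.splitlines():
        m = SNMP_RE.match(line.strip())
        if not m:
            continue
        kind, name, tail = m.groups()
        ref = REF_RE.search(tail)  # trailing "access <acl>" on the line
        if not ref:
            findings.append(f"{kind} {name}: no ACL, any source may poll")
            continue
        permits = [s for act, s in acls.get(ref.group(1), []) if act == "permit"]
        extra = [s for s in permits if s not in allowed_nms]
        if not permits:
            findings.append(f"{kind} {name}: ACL {ref.group(1)} has no permit entries here")
        elif extra:
            findings.append(f"{kind} {name}: ACL {ref.group(1)} also permits {extra}")
    return findings

if __name__ == "__main__":
    for label, cfg in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_snmpv3(cfg, {"192.0.2.10"}) or "OK")
```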