[c-nsp] snmp access list
Tassos Chatzithomaoglou
achatz at forthnet.gr
Sat May 3 13:25:34 EDT 2008
George,
I guess you're referring to snmp traps (not syslog entries).
If yes, try "no snmp-server trap authentication acl-failure".
Otherwise, i would be interested to see these syslog entries.
--
Tassos
Koffler, George A. wrote on 3/5/2008 6:58 πμ:
> Jeff,
>
> I've noticed that, unlike other ACLs, I receive syslog entries for denied *SNMP queries* even when an SNMP ACL is the reason for the failure. It looks just like a failure due to an incorrect community string. The ACL isn't set to log.
>
> I hadn't really thought about it until I saw your question, but now I'm intrigued...
>
> George Koffler
> UMKC IS Networking & Telecommunications
>
>>
>>
> Date: Fri, 2 May 2008 17:05:50 -0400
> From: Jeff Fitzwater <jfitz at Princeton.EDU>
> Subject: [c-nsp] snmp access list
> To: cisco-nsp at puck.nether.net
>
> Does anybody know how a numbered standard ACL that is applied to snmp
> traffic via commands shown below, actually works?
> Does the SNMP process still get touched when a DENY is hit?
>
>
> snmp-server community xxxx RO 99
> snmp-server community xxxx RW 99
>
>
>
> Thanks for any info.
>
>
>
> Jeff Fitzwater
> OIT Network Systems
> Princeton University
>
> />
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list