Table of Contents
Advertisement
To do...
Apply the ACL while
configuring the SNMP
group name
Apply the ACL while
configuring the SNMP
user name
Configuration Example
Network requirements
Only SNMP users sourced from the IP addresses of 10.110.100.52 and 10.110.100.46 are permitted to
access the switch.
Figure 8-2 Network diagram for controlling SNMP users using ACLs
10.110.100.46
Host A
IP network
Host B
10.110.100.52
Configuration procedure
# Define a basic ACL.
<Sysname> system-view
[Sysname] acl number 2000 match-order config
[Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0
[Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0
[Sysname-acl-basic-2000] rule 3 deny source any
[Sysname-acl-basic-2000] quit
# Apply the ACL to only permit SNMP users sourced from the IP addresses of 10.110.100.52 and
10.110.100.46 to access the switch.
[Sysname] snmp-agent community read 3com acl 2000
[Sysname] snmp-agent group v2c 3comgroup acl 2000
[Sysname] snmp-agent usm-user v2c 3comuser 3comgroup acl 2000
Use the command...
snmp-agent group { v1 | v2c } group-name
[ read-view read-view ] [ write-view write-view ]
[ notify-view notify-view ] [ acl acl-number ]
snmp-agent group v3 group-name
[ authentication | privacy ] [ read-view
read-view ] [ write-view write-view ] [ notify-view
notify-view ] [ acl acl-number ]
snmp-agent usm-user { v1 | v2c } user-name
group-name [ acl acl-number ]
snmp-agent usm-user v3 user-name
group-name [ [ cipher ] authentication-mode
{ md5 | sha } auth-password [ privacy-mode
{ 3des | aes128 | des56 } priv-password ] ] [ acl
acl-number ]
Switch
8-5
Remarks
and
configuration
customs of NMS
users, you can
reference an
ACL when
configuring
community
name, group
name or
username. For
the detailed
configuration,
refer to SNMP
Configuration in
the System
Volume.
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
