From: John Neiberger (neiby@xxxxxxxxxx)
Date: Mon Nov 26 2001 - 01:13:04 GMT-3
snmp-server host specifies where to send unsolicited SNMP traps.
'snmp-server community' with an access list specifies which hosts can gain
access to the router using SNMP. They are often the same host, like in our
case where we have a single network management server.
On Mon, 26 Nov 2001 11:23:49 +1100, albert_ccie@yahoo.com wrote:
| John,
|
| What's the difference between 'snmp-server host a.b.c.d' and using
| 'snmp-server community test RW 10' where 10 is an access list?
|
| Thanks
|
| Albert
|
| -----Original Message-----
| From: John Neiberger [mailto:neiby@excite.com]
| Sent: Monday, November 26, 2001 10:46 AM
| To: Albert Lu; ccielab@groupstudy.com
| Subject: Re: CCIE Brianteasers
|
|
| Two items that you weren't sure about are:
|
| snmp-server host a.b.c.d
|
| and
|
| llc2 idle-time 60000
|
| Regards,
| John
|
| On Mon, 26 Nov 2001 08:41:54 +1100, Albert Lu wrote:
|
| | Hello Group,
| |
| | Just working through a practise lab at the moment, with solutions that
| don't
| | look correct. Could someone confirm these solutions? (Don't worry, no
NDA
| is
| | being broken, as they are from a practise lab scenario)
| |
| | 1. Generate traps that are supported under the RFC for SNMP
| | A. No idea. =) Suggestions please
| |
| | 2. Allow SNMP host 150.50.6.225 to access SNMP information from the
| devices.
| | A.
| | access-list 10 permit 150.50.6.225
| | snmp-server community test rw 10
| |
| | 3. Restrict web traffic on the interface E1/0 to only the hours of
8:00AM
| to
| | 6:00PM, Monday thru Friday. Allow all other IP traffic to pass.
| | A.
| |
| | interface Ethernet1/0
| | ip address 10.1.1.4 255.255.255.0
| | ip access-group 100 in
| |
| | access-list 100 permit tcp any any eq www time-range allow_time
| | access-list 100 deny tcp any any eq www
| | access-list 100 permit ip any any
| |
| | time-range allow_time
| | periodic weekdays 8:00 to 18:00
| |
| | 4. Restrict inbound telnet traffic on interface E0 on from 9:00AM to
| 1:00PM
| | only on Monday, Wednesday, and Friday
| | A.
| | int Ethernet0
| | ip access-group 100 in
| |
| | access-list 100 permit tcp any any eq telnet time-range allow_telnet
| | access-list 100 deny tcp any any eq telnet
| | access-list 100 permit ip any any
| |
| | time-range allow_telnet
| | periodic Monday Wednesday Friday 9:00 to 13:00
| |
| | 5. Configure DLSW between Token Ring segments on R1 and R8. Use IP
| address
| | of the loopback interfaces for the DLSW peer-id with ring-group value
of
| | 4000
| | Configure router R1 to block users from accessing SAP with a value
of
| | 012 <-----***** Not sure how to do this!!
| | Adjust the following DLSW Netbios timers to 50,000 seconds on R1
and
| R8:
| | NetBIOS - cache-timeout
| | NetBIOS - explorer-timeout
| | NetBIOS - retry-interval
| | Adjust the value of the LLC2 idle timer on TR segments on R1 and R8
to
| | value of 60,000 <-----***** Not sure how to do this!!
| |
| | A.
| |
| | R1
| | ----
| | source-bridge ring-group 4000
| | dlsw local-peer peer-id 200.0.0.1
| | dlsw remote-peer 0 tcp 200.0.0.8
| | dlsw timers netbios-cache-timeout 50000
| | dlsw timers netbios-explorer-timeout 50000
| | dlsw timers netbios-retry-interval 50000
| | !
| | interface Loopback0
| | ip address 200.0.0.1 255.255.255.255
| | !
| |
| | interface To0
| | no ip address
| | ring-speed 16
| | source-bridge 10 1 4000
| |
| |
| | R8
| | ----
| | source-bridge ring-group 4000
| | dlsw local-peer peer-id 200.0.0.8
| | dlsw remote-peer 0 tcp 200.0.0.1
| | dlsw timers netbios-cache-timeout 50000
| | dlsw timers netbios-explorer-timeout 50000
| | dlsw timers netbios-retry-interval 50000
| | !
| | interface Loopback0
| | ip address 200.0.0.8 255.255.255.255
| | !
| | interface To0
| | no ip address
| | ring-speed 16
| | source-bridge 10 1 4000
| |
| | Any feedback is greatly appreciated.
| |
| | Thanks
| |
| | Albert
| |
| |
This archive was generated by hypermail 2.1.4 : Fri Jun 21 2002 - 06:45:22 GMT-3