From: Brian Dennis (brian@labforge.com)
Date: Thu May 08 2003 - 01:25:53 GMT-3
I've worked for a few different ISP's over the years and only one of
them blocked SNMP at the edge of their network. I think it was just
easier for the person who implemented the ACL's to filter all inbound
SNMP rather than have to deny SNMP to all of their core addresses and
permit the rest.
Since Cisco IOS using UDP for traceroute you might try to trace using
UDP port 161 as opposed to the default port of 33434 and see where it
dies at if you are curious as to who is filtering it.
As a side note I was using SNMP over the Internet just yesterday without
any problems. I was going across WilTel and MCI.
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
Director of CCIE Training and Development - IPexpert, Inc.
Mailto: brian@ipexpert.net
Toll Free: 866.225.8064
Outside U.S. & Canada: 312.321.6924
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Charles Church
Sent: Wednesday, May 07, 2003 7:51 PM
To: CCIE Lab group
Subject: ISPs block SNMP?
ISPers,
I've been playing with snmpwalk a bit the last couple days, but
was
starting to think it wasn't compatible with Cisco routers. Turns out
that
it's being blocked by an ISP somewhere out there along the way, as I
tried
to get to a couple different devices. Is it standard operating
procedure
for ISPs to block SNMP? Wasn't an access-list on any of my devices
causing
the problem. Just wondering...
Thanks,
Chuck Church
CCIE #8776, MCNE, MCSE
Wam!Net Government Services
13665 Dulles Technology Dr. Ste 250
Herndon, VA 20171
Office: 703-480-2569
Cell: 585-233-2706
cchurch@wamnet.com
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:38 GMT-3