From: Radoslav Vasilev (deckland@gmail.com)
Date: Mon Aug 14 2006 - 05:18:26 ART
Hi Group,
Simple question regarding the Cisco's recommended way snmp traps should be
configured.
From the ``snmp-server host`` command reference, particularly the community
option description:
<docd>
The password-like community string sent with the notification operation.
Though you can set this string with the *snmp-server host* command by
itself, Cisco recommends that you define this string with the *snmp-server
community* command before you issue the *snmp-server host* command.
</docd>
Basically, as an example:
snmp-server community blabla 10
snmp-server host 1.1.1.1 blabla
access-list 10 deny any
I'm sure you've seen that way of configuring, so basically while satisfying
the cisco recommendation of explicitly configuring the community with
`snmp-server community`` command, they make sure nobody is capable of
polling the device with the same string (lab requirenments reasons).
My question: why do we need to additionally use the snmp-server community
for the trap community string?
If the requirenment is to create a "trap-only" community, shouldn't that be
enough:
snm-server host 1.1.1.1 blabla ...
Thanks for your help!
Rado
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:57 ART