From: Dufour, Andre (Andre.Dufour@PAETEC.com)
Date: Thu Dec 11 2008 - 11:22:01 ARST
Just to add that to add some sort of security to snmp 2c, you can have an access-list applied to the statements to specify the source of the queries as well as the password. For example...
snmp-server community RO_PASSWORD ro ACL_SNMP_RO
!
snmp-server community RW_PASSWORD rw ACL_SNMP_RW
!
ip access-list standard ACL_SNMP_RO
permit x.x.x.x
!
ip access-list standard ACL_SNMP_RW
permit x.x.x.x
!
Regards,
Andre
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Rick Mur
Sent: Thursday, December 11, 2008 8:13 AM
To: John Edom
Cc: Cisco certification
Subject: Re: SNMP Community String - Confusion
The community string you specify in the 'snmp-server host' command is used
to send Traps to that server. The ones you specify in the 'snmp-server
community' are used to 'authenticate' to the router using an SNMP tool.
Rick Mur
CCIE #21946 (R&S)
CCNP, CCIP, JNCIA-ER, MCSE
rick@rickmur.com
On Thu, 11 Dec 2008 17:07:17 +0400
"John Edom" <jedom123@gmail.com> wrote:
Hi,
I have some confusion on snmp statements. what is the difference
between
community string define in snmp-server host statement and
snmp-server
community statement. like
R1(config)#snmp-server host 192.168.1.100 version 2c Cisco
R1(config)#snmp-server community TEST-RO ro
R1(config)#snmp-server community TEST-RW rw
"Cisco" string is for host 192.168.1.100 to fetch information from
snmp but
why we use these other communities with snmp-server community
commands and
also tell me what are the right of string that is with host command
(read or
read/write)?
Best Regards
Blogs and organic groups at http://www.ccie.net
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Thu Jan 01 2009 - 12:53:08 ARST