Network OS Administration Guide

Supporting Network OS 6.0.1a

Part Number: 53-1003768-04

Creating an IPv4 ACL for SNMP

A standard ACL permits or denies traffic according to source address only. SNMP supports only standard ACLs.

  1. Enter configure to access global configuration mode.
    switch# configure
  2. Enter the ip access-list standard command to create the access list.
    switch(config)# ip access-list standard stdACL3
  3. For each ACL rule, enter a seq command, specifying the needed parameters.
    switch(config-ipacl-std)# seq 5 permit host
    switch(config-ipacl-std)# seq 15 deny any
The following example does the following, under SNMPv3:
  1. Creates a IPv4 standard ACL named "test".
  2. Defines rules that permits packets from a specified host and denies packets from any other host.
  3. Configures the SNMP server user "user1", including application of the "test" IPv4 ACL.
switch(config)# ip access-list standard test
switch(conf-ipacl-std)# permit host
switch(conf-ipacl-std)# deny any
switch(conf-ipacl-std)# exit
switch(config)# snmp-server user user1 groupname snmpadmin auth sha auth-password private123 priv DES priv-password public123 ipv4-acl test