Skip to Content
Cisco IOS Cookbook, 2nd Edition
book

Cisco IOS Cookbook, 2nd Edition

by Kevin Dooley, Ian Brown
December 2006
Intermediate to advanced
1188 pages
72h 8m
English
O'Reilly Media, Inc.
Content preview from Cisco IOS Cookbook, 2nd Edition

Limiting MIB Access

Problem

You want to limit which MIB variables can be remotely accessed with SNMP.

Solution

You can use the following commands to restrict SNMP access to portions of the MIB tree. This example shows the legacy configuration method:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#access-list 99 permit 172.25.1.0 0.0.0.255
Router(config)#access-list 99 deny any log
Router(config)#snmp-server view ORAVIEW mib-2 included
Router(config)#snmp-server view ORAVIEW at excluded 
Router(config)#snmp-server view ORAVIEW cisco included
Router(config)#snmp-server community ORARO view ORAVIEW ro 99
Router(config)#snmp-server view RESTRICTED lsystem.55 included
Router(config)#snmp-server community ORARW view RESTRICTED rw 99
Router(config)#end
Router#

Cisco also has a new method for restricting MIB access, which uses the snmp-server group command:

Router#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#snmp-server view ORAVIEW mib-2 included
Router(config)#snmp-server view ORAVIEW at excluded
Router(config)#snmp-server view ORAVIEW cisco included
Router(config)#snmp-server group TEST v1 read ORAVIEW 
Router(config)#snmp-server user ORARO TEST v1 
Router(config)#snmp-server view RESTRICTED lsystem.55 included
Router(config)#snmp-server group TEST2 v1 write RESTRICTED
Router(config)#snmp-server user ORARW TEST2 v1 
Router(config)#end 
Router#

Discussion

By default, enabling SNMP services on ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

IP Routing on Cisco IOS, IOS XE, and IOS XR: An Essential Guide to Understanding and Implementing IP Routing Protocols

IP Routing on Cisco IOS, IOS XE, and IOS XR: An Essential Guide to Understanding and Implementing IP Routing Protocols

Brad Edgeworth, Aaron Foss, Ramiro Garza Rios
Cisco IOS in a Nutshell, 2nd Edition
Cisco Software-Defined Access

Cisco Software-Defined Access

Srilatha Vemula, Jason Gooley, Roddie Hasan
Learning the Cisco Application-Centric Infrastructure (ACI)

Publisher Resources

ISBN: 0596527225Supplemental ContentErrata Page