Configuring SNMP
Command
Step 3
access-list access-list-number {deny |
permit} source [source-wildcard]
Step 4
end
Step 5
show running-config
Step 6
copy running-config startup-config
SNMP Examples
This example shows how to enable all versions of SNMP. The configuration permits any SNMP manager
to access all objects with read-only permissions using the community string public. This configuration
does not cause the switch to send any traps.
Switch(config)# snmp-server community public
This example shows how to permit any SNMP manager to access all objects with read-only permission
using the community string public. The switch also sends VTP traps to the hosts 192.180.1.111
and 192.180.1.33 using SNMPv1 and to the host 192.180.1.27 using SNMPv2C. The community string
public is sent with the traps.
Switch(config)# snmp-server community public
Switch(config)# snmp-server enable traps vtp
Switch(config)# snmp-server host 192.180.1.27 version 2c public
Switch(config)# snmp-server host 192.180.1.111 version 1 public
Switch(config)# snmp-server host 192.180.1.33 public
This example shows how to allow read-only access for all objects to members of access list 4 that use
the comaccess community string. No other SNMP managers have access to any objects. SNMP
Authentication Failure traps are sent by SNMPv2C to the host cisco.com using the community string
public.
Switch(config)# snmp-server community comaccess ro 4
Switch(config)# snmp-server enable traps snmp authentication
Switch(config)# snmp-server host cisco.com version 2c public
This example shows how to send Entity MIB traps to the host cisco.com. The community string is
restricted. The first line enables the switch to send Entity MIB traps in addition to any traps previously
enabled. The second line specifies the destination of these traps and overwrites any previous
snmp-server host commands for the host cisco.com.
Catalyst 2360 Switch Software Configuration Guide
23-16
Purpose
Create a standard access list, repeating the command as many times
as necessary.
•
For access-list-number, enter the access list number specified
in Step 2.
•
The deny keyword denies access if the conditions are matched.
The permit keyword permits access if the conditions are
matched.
For source, enter the IP address of the TFTP servers that can
•
access the switch.
(Optional) For source-wildcard, enter the wildcard bits, in
•
dotted decimal notation, to be applied to the source. Place ones
in the bit positions that you want to ignore.
Recall that the access list is always terminated by an implicit deny
statement for everything.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Chapter 23
Configuring SNMP
OL-19808-01