3com 8807 User Guide
Configuring ACL for SNMP Users
213
Configuration Tasks
n
■
you can apply different ACLs in the snmp-agent community, snmp-agent
group and snmp-agent usm-use commands.
group and snmp-agent usm-use commands.
■
You can only apply number-based basic ACLs to implement ACL control over
SNMP users.
SNMP users.
For the detailed description of these commands, refer to the Command Manual.
Table 182 Configuration tasks
Configuration procedure
Command
Description
Enter system view
system-view
-
Define an ACL and enter ACL view
acl number acl-number [
match-order { config |
auto } ]
match-order { config |
auto } ]
Required. This command
can only define a
number-based basic ACL.
The acl-number parameter
ranges from 2,000 to
2,999.
can only define a
number-based basic ACL.
The acl-number parameter
ranges from 2,000 to
2,999.
Define basic ACL rules
rule [ rule-id ] { permit |
deny } [ source {
source-addr wildcard | any
} | fragment | time-range
name | vpn-instance
instance-name ]*
deny } [ source {
source-addr wildcard | any
} | fragment | time-range
name | vpn-instance
instance-name ]*
Required
Exit ACL view
quit
-
Apply the ACL to
control SNMP
users
control SNMP
users
Apply the ACL in
the snmp-agent
community
command
the snmp-agent
community
command
snmp-agent community {
read | write }
community-name [
mib-view view-name ] [
acl acl-number ]
read | write }
community-name [
mib-view view-name ] [
acl acl-number ]
The SNMP community
name is a feature of SNMP
V1 and SNMP V2. Applying
an ACL in the snmp-agent
community command
filters the network
management systems
based on SNMP V1 and
SNMP V2.
name is a feature of SNMP
V1 and SNMP V2. Applying
an ACL in the snmp-agent
community command
filters the network
management systems
based on SNMP V1 and
SNMP V2.
Apply the ACL in
the snmp-agent
group
command
the snmp-agent
group
command
snmp-agent group { v1 |
v2c } group-name [
read-view read-view ] [
write-view write-view ] [
notify-view notify-view ] [
acl acl-number ]
v2c } group-name [
read-view read-view ] [
write-view write-view ] [
notify-view notify-view ] [
acl acl-number ]
snmp-agent group v3
group-name [
authentication | privacy ]
[ read-view read-view ] [
write-view write-view ] [
notify-view notify-view ] [
acl acl-number ]
group-name [
authentication | privacy ]
[ read-view read-view ] [
write-view write-view ] [
notify-view notify-view ] [
acl acl-number ]
The SNMP group and user
name are features of SNMP
V2 and later. Applying
ACLs in the snmp-agent
group, snmp-agent
group v3, snmp-agent
usm-user, and
snmp-agent usm-user v3
commands filters the
network management
systems based on SNMP V2
and later.
name are features of SNMP
V2 and later. Applying
ACLs in the snmp-agent
group, snmp-agent
group v3, snmp-agent
usm-user, and
snmp-agent usm-user v3
commands filters the
network management
systems based on SNMP V2
and later.
If you apply ACLs in these
two groups of commands
simultaneously, the switch
filters network
management users
according to the both
features.
two groups of commands
simultaneously, the switch
filters network
management users
according to the both
features.
Import the ACL
into the
snmp-agent
usm-user
command
into the
snmp-agent
usm-user
command
snmp-agent usm-user {
v1 | v2c } user-name
group-name [ acl
acl-number ]
v1 | v2c } user-name
group-name [ acl
acl-number ]
snmp-agent usm-user v3
user-name group-name [
authentication-mode {
md5 | sha } auth-password
] [ privacy-mode des56
priv-password ] [ acl
acl-number ]
user-name group-name [
authentication-mode {
md5 | sha } auth-password
] [ privacy-mode des56
priv-password ] [ acl
acl-number ]