Cisco Systems 3560 Manual Do Utilizador

To disable access for an SNMP community, set the community string for that community to the null 
string (do not enter a value for the community string).

To remove a specific community string, use the no snmp-server community string global configuration 
command. 

This example shows how to assign the string comaccess to SNMP, to allow read-only access, and to 
specify that IP access list 4 can use the community string to gain access to the switch SNMP agent:

Switch(config)# snmp-server community comaccess ro 4

You can specify an identification name (engine ID) for the local or remote SNMP server engine on the 
switch. You can configure an SNMP server group that maps SNMP users to SNMP views, and you can 
add new users to the SNMP group. 

access-list access-list-number {deny | 
permit} source [source-wildcard]

(Optional) If you specified an IP standard access list number in 
Step 2, then create the list, repeating the command as many times 
as necessary.

For access-list-number, enter the access list number specified 
in Step 2.

The deny keyword denies access if the conditions are 
matched. The permit keyword permits access if the conditions 
are matched.

For source, enter the IP address of the SNMP managers that 
are permitted to use the community string to gain access to the 
agent.

(Optional) For source-wildcard, enter the wildcard bits in 
dotted decimal notation to be applied to the source. Place ones 
in the bit positions that you want to ignore.

Recall that the access list is always terminated by an implicit deny 
statement for everything.

Return to privileged EXEC mode.

Verify your entries.

(Optional) Save your entries in the configuration file.