snmp-server community
snmp-server community <STRING>
no snmp-server community <STRING>
Description
Adds an SNMPv1/SNMPv2c community string. A community string is like a password that controls read/write access to the SNMP agent. A network management program must supply this name when attempting to get SNMP information from the switch. A maximum of 10 community strings are supported. Once you create your own community string, the default community string (public) is deleted.
The no form of this command removes the specified SNMPv1/SNMPv2c community string. When no community string exists, a default community string with the value public is automatically defined.
|
Parameter |
Description |
|---|---|
|
<STRING> |
Specifies the SNMPv1/SNMPv2c community string. Range: 1 to 32 printable ASCII characters, excluding space and question mark. |
Subcommands
access-level {ro | rw}
no access-level {ro | rw}
This subcommand changes the access level of the SNMP community. The default access level is read-only (ro).
The no form of this subcommand changes the access level of the community to default.
|
Parameter |
Description |
|---|---|
|
ro |
Specifies Read-Only access with the SNMP community. |
|
rw |
Specifies Read-Write access with the SNMP community. |
access-list {ipv4 | ipv6} <ACL-NAME>
no access-list {ipv4 | ipv6} <ACL-NAME>
This subcommand associates an ACL with the SNMP community. If an ACL is not associated with the SNMP community, the default access is allowed for all the hosts.
The no form of this subcommand removes association of the ACL with the SNMP community.
|
Parameter |
Description |
|---|---|
|
ipv4 |
Specifies the IPv4 ACL type. |
|
ipv6 |
Specifies the IPv6 ACL type. |
|
<ACL-NAME> |
Specifies the ACL name. It supports a maximum of 64 characters. |
Examples
Setting the SNMPv1/SNMPv2c community string to private:
Removing SNMPv1/SNMPv2c community string private:
Configuring the access level for the SMNP community to read-only:
switch(config-community)# access-level ro
Changing the access level of the SNMP community to default:
switch(config-community)# no access-level rw
Associating an IPv4 ACL named my_acl with the SMNP community:
switch(config-community)# access-list ipv4 my_acl
Removing the associated IPv4 ACL named my_acl from the SNMP community:
switch(config-community)# no access-list ipv4 my_acl
The deny rule is not supported for SNMP ACL.
Configuration supported for SNMP ACL:
access-list ip ipv4_acl 10 permit any 4.4.4.4 4.4.4.1 20 permit any 3.3.3.3 3.3.3.1 access-list ipv6 ipv6_acl 10 permit any 2001::2 2001::1 20 permit any 3001::2 3001::1 snmp-server vrf default snmp-server community my_comm_1 access-list ipv4 ipv4_acl access-list ipv6 ipv6_acl
Configuration not supported for SNMP ACL:
access-list ip ipv4_acl 10 deny any 6.6.6.6 6.6.6.1 access-list ipv6 ipv6_acl 10 deny any 6001::6 6000::1 snmp-server vrf default snmp-server community my_comm_1 access-list ipv4 ipv4_acl access-list ipv6 ipv6_acl
hitcounts for SNMP ACL will not be incremented.
Example:show access-list hitcounts ip all will not show the hit count of SNMP ACL.
Command History
|
Release |
Modification |
|---|---|
|
10.07 or earlier |
-- |
Command Information
|
Platforms |
Command context |
Authority |
|---|---|---|
|
All platforms |
config config-community |
Administrators or local user group members with execution rights for this command. |
