11 how to restrict snmp access, Snmp access restriction, How to add an ip address to the access list – Technicolor - Thomson Wireless Business DSL Routers SpeedTouchTM620 User Manual

Chapter 10

SpeedTouch™ Monitoring

E-DOC-CTC-20051017-0155 v1.0

157

10.2.11 How to Restrict SNMP Access

SNMP Access

Restriction

You can restrict SNMP Access so that it is accepted from specific IP addresses only.
To do this, add the IP address or an IP Address range to the access list for the
service SNMPV3_Agent. Note that this also covers SNMPv1.

You can also restrict access to specific interface groups such as WAN, LAN, DMZ,...

How to Add an IP

Address to the Access

List

Use the following command:

with

either the IP address or the range of IP addresses from which

SNMP access should be allowed.

How to Add an

Interface Group to the

Access List

Use the following command:

The

parameter determines which interface group has access to the

SNMP service.

How to View the

Configuration

Use the following command to view the configuration:

This results in the following output:

:service system ipadd name=SNMPV3_AGENT ip=

:service system ifadd name=SNMPV3_AGENT group =

<{wan|local|lan|tunnel|dmz|guest} or number>

:service system list name SNMPV3_AGENT expand enabled

Idx Name

Protocol

SrcPort

DstPort

Group

-----------------------------------------------------------------------

1 SNMPV3_AGENT

udp

161

Description................ Rx snmp GET, SET and GETNEXT PDUs

Properties................. server

Attributes................. state port aclip aclif aclifgroup map log

User Managed Attributes.... state aclip aclif aclifgroup map log

Attribute Values :

State...................... (administratively) disabled

Port....................... 161

Ip Access List............. any

Interface Access List...... any

Interface Group Access List any

Map List................... 161

Logging.................... disabled