Is anyone familiar with configuring SNMPv3 ACLs on Aruba CX? I attempted to apply an ACL on SNMP V3 but could not find the command. or does Aruba CX use other features instead of ACL?
ACLs are supported on Aruba switches, the command to configure ACLs is "access-list":6200(config)# access-list ip TEST_ACLThis would send you to an ACL configuration context and you can configure your ACL to restrict/allow the various networks or host you want. If your goal is to block SNMP you can configure something similar:access-list ip TEST_ACL 10 deny udp 10.10.1.1 eq snmp 10.10.1.100 20 deny udp 10.10.1.1 eq snmp-trap 10.10.1.100 30 permit any any any
6200(config)# access-list ip TEST_ACL
access-list ip TEST_ACL
10 deny udp 10.10.1.1 eq snmp 10.10.1.100
20 deny udp 10.10.1.1 eq snmp-trap 10.10.1.100
30 permit any any any
Or is your goal to push configuration(ACL configuration) to your switch via SNMP?
Hi!As it seems to me the question was about snmpv3 protection with acl, so that not everyone could poll Switch, but only Monitoring Server and computers from the network of administrators.
Now I have such a task in front of me, but the only thing I managed to find is how to bind acl to snmp-server community, which is relevant for snmp v2a. https://www.arubanetworks.com/techdocs/AOS-CX/10.07/HTML/5200-7834/Content/Chp_SNMP/SNMP_cmds/snmp-ser-com-acs-lst.htm.
I have not found a similar document for AOS-CX version 10.12 or 10.13 either. Maybe in newer versions of AOS-CX there is a possibility to bind acl to snmpv3 settings.__________________Wadim
We do not support SNMPv3 ACLs on CX Switches. Since SNMPv3 has its own security , ACL was not been in practice .
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.