29-16
Catalyst 2928 Switch Software Configuration Guide
OL-23389-01
Chapter 29 Configuring SNMP
Configuring SNMP
SNMP Examples
This example shows how to enable all versions of SNMP. The configuration permits any SNMP manager
to access all objects with read-only permissions using the community string
public
. This configuration
does not cause the switch to send any traps.
Switch(config)#
snmp-server community public
This example shows how to permit any SNMP manager to access all objects with read-only permission
using the community string
public
. The switch also sends VTP traps to the hosts 192.180.1.111 and
192.180.1.33 using SNMPv1 and to the host 192.180.1.27 using SNMPv2C. The community string
public
is sent with the traps.
Switch(config)#
snmp-server community public
Switch(config)#
snmp-server enable traps vtp
Switch(config)#
snmp-server host 192.180.1.27 version 2c public
Switch(config)#
snmp-server host 192.180.1.111 version 1 public
Switch(config)#
snmp-server host 192.180.1.33 public
This example shows how to allow read-only access for all objects to members of access list 4 that use
the
comaccess
community string. No other SNMP managers have access to any objects. SNMP
Authentication Failure traps are sent by SNMPv2C to the host
cisco.com
using the community string
public
.
Switch(config)#
snmp-server community comaccess ro 4
Switch(config)#
snmp-server enable traps snmp authentication
Switch(config)#
snmp-server host cisco.com version 2c public
Step 3
access-list
access-list-number
{
deny
|
permit
}
source
[
source-wildcard
]
Create a standard access list, repeating the command as many times
as necessary.
•
For
access-list-number
, enter the access list number specified
in Step 2.
•
The
deny
keyword denies access if the conditions are matched.
The
permit
keyword permits access if the conditions are
matched.
•
For
source
, enter the IP address of the TFTP servers that can
access the switch.
•
(Optional) For
source-wildcard
, enter the wildcard bits, in
dotted decimal notation, to be applied to the source. Place ones
in the bit positions that you want to ignore.
Recall that the access list is always terminated by an implicit deny
statement for everything.
Step 4
end
Return to privileged EXEC mode.
Step 5
show running-config
Verify your entries.
Step 6
copy running-config startup-config
(Optional) Save your entries in the configuration file.
Command
Purpose