SNMP Question (Cisco)

Posted on 2004-11-12
Last Modified: 2011-10-03
I want to restrict snmp traps to certain hosts on my network.  I'm using Cisco equipment.

Will this work?

snmp-server group Networking access-list 200
snmp-server enable traps

access-list 200 permit

also, can I do the same thing on a CAT OS?  if so, what is the command?
Question by:AsenathWaite
    LVL 2

    Accepted Solution

    One important thing you need to do is change the community string which is hard to guess. Create two seperate communities one for read only and the other for read-write.

    You can allow a whole lan to access the read-only community and restrict the read-write community to a single host.

      ! allow SNMP reads from hosts in access-list 5
      snmp-server community h4rd2gu3ss ro 5
      ! allow SNMP write from host in access-list 10
      snmp-server community h4rd3r2gu3ss rw 10
      ! access list for SNMP read
      access-list 5 permit lansegmentaddress lansegmentmask
      access-list 5 deny any
      ! access list for SNMP read/writes
      access-list 10 permit host snmp_management_station_ip
      access-list 10 deny any

      snmp-server enable traps
      snmp-server trap-authentication
      snmp-server host snmp_management_station_ip

    This is good for cisco routers. for CAT OS I will leave to the other experts.

    Hope this is helpful. Good Luck
    LVL 15

    Expert Comment

    Traps are sent from the equipment to a host server, no need for access lists unless you wish to control SNMP access to the equipment.

    snmp-server enable traps
    snmp-server host <host name/IP> <community string>

    set snmp trap enable
    set snmp trap <host name/IP> <community string>

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Lets look at the default installation and configuration of FreeProxy 4.10 REQUIREMENTS 1. FreeProxy 4.10 Application - Can be downloaded here ( 2. Ensure that you disable the windows fi…
    Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now