[AGENT++] How Do You Control Access Based on Source Address
Dave White | Networking
dave.white at efi.com
Tue Aug 23 20:22:25 CEST 2005
Hi,
I would like to have different access to MIB objects depending upon the
source of an SNMP request. For example, if a SNMPv1 request with community
name "public" comes from the local IP address (127.0.0.1), access to all MIB
objects is allowed. If a SNMPv1 request with community name "public" comes
from any other address, access to MIB objects is restricted to a limited set
of objects. RFC 3584 seems to hint that this can be done, but it is not
clear enough to me how you do it. Has anyone done this?
What tables need to be set up, and how should they get set up? What is the
relationship between snmpCommunityTransportTag in the snmpCommunityTable and
the snmpTargetAddrTable?
Can similar control be done with SNMPv3 requests using USM?
Any thoughts or suggestions would be very welcomed!
Thanks,
Dave
More information about the AGENTPP
mailing list