Support User Manuals

Cisco Systems 2955 Switch User Manual

Open as PDF

of 674

27-15

Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide

OL-10101-02

Chapter 27 Configuring SNMP

Configuring SNMP

Limiting TFTP Servers Used Through SNMP

Beginning in privileged EXEC mode, follow these steps to limit the TFTP servers used for saving and

loading configuration files through SNMP to the servers specified in an access list:

SNMP Examples

This example shows how to enable all versions of SNMP. The configuration permits any SNMP manager

to access all objects with read-only permissions using the community string public. This configuration

does not cause the switch to send any traps.

Switch(config)# snmp-server community public

This example shows how to permit any SNMP manager to access all objects with read-only permission

using the community string public. The switch also sends VTP traps to the hosts 192.180.1.111 and

192.180.1.33 using SNMPv1 and to the host 192.180.1.27 using SNMPv2C. The community string

public is sent with the traps.

Switch(config)# snmp-server community public

Switch(config)# snmp-server enable traps vtp

Switch(config)# snmp-server host 192.180.1.27 version 2c public

Switch(config)# snmp-server host 192.180.1.111 version 1 public

Switch(config)# snmp-server host 192.180.1.33 public

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

snmp-server tftp-server-list

access-list-number

Limit TFTP servers used for configuration file copies through

SNMP to the servers in the access list.

For access-list-number, enter an IP standard access list numbered

from 1 to 99 and 1300 to 1999.

Step 3

access-list access-list-number {deny |

permit} source [source-wildcard]

Create a standard access list, repeating the command as many times

as necessary.

• For access-list-number, enter the access list number specified

in Step 2.

• The deny keyword denies access if the conditions are matched.

The permit keyword permits access if the conditions are

matched.

• For source, enter the IP address of the TFTP servers that can

access the switch.

• (Optional) For source-wildcard, enter the wildcard bits, in

dotted decimal notation, to be applied to the source. Place ones

in the bit positions that you want to ignore.

Recall that the access list is always terminated by an implicit deny

statement for everything.

Step 4

end Return to privileged EXEC mode.

Step 5

show running-config Verify your entries.

Step 6

copy running-config startup-config (Optional) Save your entries in the configuration file.

previous next