Fibre Channel (SAN)

Reply
New Contributor
Posts: 3
Registered: ‎11-05-2008

How to disable snmpv1/v2c on DCX running FOS 6.4.2b completely and use only snmpv3?

Looking to disable all the access using SNMPv1/v2c on DCX switches running FOS 6.4.2b.

Trying to use #snmpconfig --disable snmpv1

but getting wrong options used...

Regular Contributor
Posts: 161
Registered: ‎12-30-2009

Re: How to disable snmpv1/v2c on DCX running FOS 6.4.2b completely and use only snmpv3?

The option to --disable is present in FOS7 for sure, but Im not sure if it is in FOS6.4.

If your syntax is correct per CMD ref guide the switch simply does not understand the options given.

 

If you want to disable snmp all together, block it by using the ipfilter to block port 161

New Contributor
Posts: 3
Registered: ‎11-05-2008

Re: How to disable snmpv1/v2c on DCX running FOS 6.4.2b completely and use only snmpv3?

can you provide more info on using ipfilter? remember i want to disable only SNMPv1 and 2c.

Regular Contributor
Posts: 161
Registered: ‎12-30-2009

Re: How to disable snmpv1/v2c on DCX running FOS 6.4.2b completely and use only snmpv3?

Just to make sure, you do want to use snmpv3?

 

If so ipfilter is useless but if you want to block snmp completely (like I stated in previous post) it well do the job.

 

Using ipfilter is similar to using other commands.

help ipfilter gives you syntax/operands/examples from which you can work of.

 

Please note that, lathough you may not be aware of it, the switch is already running a default rulebase for ipfilter.

It is best to keep that one as is, clone it, make alteration in the clone, and activate the clone.

 

Please be aware that if done wrong, you may end up with a switch blocked management services (ssh telnet http set to deny).

In such an event you can revert your action if you have a serial connection. .

So better make sure you have a proper serial cable and test if you can connect to the switch using the serial cable before you attempt this.

New Contributor
Posts: 3
Registered: ‎11-05-2008

Re: How to disable snmpv1/v2c on DCX running FOS 6.4.2b completely and use only snmpv3?

Thanks for the input.

I want to still use SNMPv3 and disable only SNMPV1/V2c.

 

any other way or disabling SNMPV1 alone?

Regular Contributor
Posts: 161
Registered: ‎12-30-2009

Re: How to disable snmpv1/v2c on DCX running FOS 6.4.2b completely and use only snmpv3?

Not that I'm aware of, unless you are willing to upgrade (if possible)

Contributor
Posts: 21
Registered: ‎04-18-2011

Re: How to disable snmpv1/v2c on DCX running FOS 6.4.2b completely and use only snmpv3?

[ Edited ]

i think since both snmp versions use the same ports 161 & 162, it won't be possible to run only snmpv3 and delete snpmv1/v2c. 

ipfilter works on blocking the port. 

why is it that you want to disable it completely ? any security reason or something ? 

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook