LAN Routing

HPE MSR Router - disable SNMP on external interface

 
AdrianSchmidt
New Member

HPE MSR Router - disable SNMP on external interface

Hi I'm Adrian, and I own an HPE MSR router that we use at our university.

Long ago we enabled SNMP on it, and created an ACL so the SNMP is only accessible from inside the university.

Now I want to change a little SNMP - so it only binds to the internal interface. Is this possible? Or is there a way to firewall the external interface?

Any pointer will be greatly appreciated

Adrian

2 REPLIES 2
akg7
HPE Pro

Re: HPE MSR Router - disable SNMP on external interface

Hello @adrian,
Are you want to change in snmp or in ACL?

Can you elaborate the issue?

Thanks!
Note: While I am an HPE Employee, all of my comments (whether noted or not), are my own and are not any official representation of the companyAccept or Kudo
Ivan_B
HPE Pro

Re: HPE MSR Router - disable SNMP on external interface

Hi @AdrianSchmidt !

In general I would advise to use ACL on each SNMP community to control the access to it. Since you already have such ACL, I guess it permits certain (or all) sources to particular IP address of the MSR in your internal network. This is enough to reject all SNMP requests from other sources or requests targeting external interfaces.

As additional measure you can set a packet-filter ACL on external interface and deny all packets destined to UDP port 161.

 

I am an HPE employee

Accept or Kudo