Avaya VSP Switch Access Profile Issue

[Mosscar]

Hi all,

We would like to apply access profile on vsp switch to limit end point access to switch web/telent/ssh, after applied the policy the access limit is working fine except the SNMP, the SNMP server can't access to switch for SNMP polling. The command as below

access-policy
access-policy 1
access-policy 1 name "policy1" network 172.16.16.0 20 accesslevel rwa
access-policy 1 http ssh snmpv3 telent tftp ftp
access-policy 1 snmp-group NMC usm
access-policy 1 enable

Anyone can help me for this problem?

Thx

 

[andy88]

Have you checked if the snmp-group you created "NMC" has no-auth-no-priv to allow snmpv1 and v2?

 

[Mosscar]

Hi Andy,

Thank you for your replied, just add the following command to switch but SNMP still can't access to switch for polling.

snmp-server group "NMC" "" no-auth-no-priv read-view root notify-view root

Thanks,

 

[Mosscar]

Hi Andy,

The SNMP issue fixed by following document, i test it on my LAB, the SNMP group must use VCAM "default group"

The final command

access-policy
access-policy 1 name "policy1" network 172.16.16.0 20 accesslevel rwa
access-policy 1 access-strict
access-policy 1 tftp
access-policy 2
access-policy 2 name "policy2" network 172.16.16.0 20
access-policy 2 snmpv3
access-policy 2 snmp-group readgrp snmpv1
access-policy 2 snmp-group readgrp snmpv2c

https://downloads.avaya.com/css/P8/documents/101009369

Thanks,

 

[andy88]