rule [ rule-id] { deny permit } [ counting fragment logging source { sour-addr
sour-wildcard any } time-rangeN/A time-range-name vpn-instance
vpn-instance-name ] *
4. Exit the basic ACL view. | quit | N/A |
| | |
| • SNMPv1/v2c community: | |
| snmp-agent community { read write } | |
| community-name [ mib-viewview-name ] [ acl | |
| acl-number acl ipv6 ipv6-acl-number ] * | |
• | SNMPv1/v2c group: |
| snmp-agent group { v1 v2c } group-name |
| [ read-view read-view] [ write-view write-view] |
| [ notify-view notify-view] [ acl acl-number acl |
| ipv6 ipv6-acl-number ] * |
• | SNMPv3 group: |
5. Apply the ACL to an | snmp-agent group v3 group-name |
[ authentication privacy ] [ read-view |
SNMP community, group, | read-view ] [ write-viewwrite-view ] |
or user. | [ notify-view notify-view] [ acl acl-number acl |
| ipv6 ipv6-acl-number ] * |
• | SNMPv1/v2c user: |
| snmp-agent usm-user { v1 v2c } user-name |
| group-name [ acl acl-number acl ipv6 |
| ipv6-acl-number ] * |
• | SNMPv3 user: |
| snmp-agent usm-user v3 user-name |
| group-name[ [ cipher ] authentication-mode |
| { md5 sha } auth-password[ privacy-mode |
| { 3des aes128 des56 } priv-password] ] [ acl |
| acl-number acl ipv6 ipv6-acl-number ] * |
For more information about SNMP, see System Management and Maintenance Configuration Guide.
NOTE:
Support for the ipv6 ipv6-acl-numberoption depends on the device model. For more information, see Getting Started Command Reference.
SNMP login control configuration example
Network requirements
Configure the firewall in Figure 79 to allow Host A and Host B to access the firewall through SNMP.
117
