You should be able to do what you have laid out.
Here is a possible starting point.

To restrict who can access SNMP and what community string they use:
com2sec <sec name> IP/CIDR <community string>

   For example:  com2sec  mysec 10.10.10.0/24 'my_string'
      all access from any IP on that subnet to get specific IP:
10.10.10.10/32

To Control Access to OIDs, I would use VACM approach

#     group.name    model sec.name
group RWGroup      v2c   mysec

# create a view and set what can and cannot be accessed
view rwView       included  .1                      80
view rwView       excluded  .1.3.6.1.4.1.2021       fe
view rwView       excluded  .1.3.6.1.4.1.8072       fe


#                    context model sec.level match read.view write.view
notif
access RWGroup      ""      v2c   noauth    exact rwView    rwView none

On Tue, Jan 14, 2020 at 12:55 AM Nagarjun G <nagarjun.newslet...@gmail.com>
wrote:

> Hi All,
>
> We have been using net-snmp to manage our devices. We have a new
> requirement now which is described below.
>
> My current configuration is as below :
> I have an snmp agent which can be configured to run any version(v1/v2c/v3)
> of snmp.
> We are currently accessing the snmp agent through mib browser.
> This has been there quite very long.
>
> Recent requirement  :
> There is another snmp manager which will access our snmp agent using only
> snmpv2c which will have access to very limited OID's.
>
> What I need to achieve is:
> I need to make my snmp agent respond to two different snmp managers, one
> responding to v1/v2c/v3 requests and
> another responding to only v2 requests with having limited access to few
> OID's.
>
> Is it possible to achieve the above configuration ?
> what type of access control configuration is needed ?
>
> Regards
> Nagarjun
> _______________________________________________
> Net-snmp-coders mailing list
> Net-snmp-coders@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
>
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders

Reply via email to