Dear List members, I am trying to make a SNMP proxy for multiple users, and each user is only allowed to access the proxy directive assigned to that account, but with the config i've made all usm users can connect to all contexts. How can I let customer1 deny connecting to the proxy line at Hostname2?
this is my snmpd.conf: # username level -V view context rouser customer1 priv -V system_view1 context1 rouser customer2 priv -V system_view2 context2 # Mappings between community strings and security names # -CN context security name source mask community id com2sec -Cn context1 secname1 default FakeCommunity com2sec6 -Cn context1 secname1 default FakeCommunity com2sec -Cn context2 secname2 default FakeCommunity com2sec6 -Cn context2 secname2 default FakeCommunity # Mappings between security names and group names # group name security model security name group group1 usm secname1 group group2 usm secname2 authgroup read -s usm group1 priv -v system_view1 context1 authgroup read -s usm group2 priv -v system_view2 context2 # View definitions # view name included/excluded subtree view system_view1 excluded .iso view system_view1 included SNMPv2-MIB::system view system_view2 excluded .iso view system_view2 included SNMPv2-MIB::system # Access control directives # group name context model level match read write notify access group1 context1 usm priv exact system_view1 none none access group2 context2 usm priv exact system_view2 none none authaccess read -s usm group1 system_view1 priv context1 authaccess read -s usm group2 system_view2 priv context2 proxy -Cn context1 -v 2c -c COMMUNITY HostName1 .1.3 proxy -Cn context2 -v 2c -c COMMUNITY HostName2 .1.3 Kind regards, Maurice
_______________________________________________ Net-snmp-users mailing list Net-snmp-users@lists.sourceforge.net Please see the following page to unsubscribe or change other options: https://lists.sourceforge.net/lists/listinfo/net-snmp-users
