[c-nsp] Running SNMP on a different Port
I have searched about 3 years of cisco-nsp archives and searched through the Cisco IOS Network Management Configuration Guide. and have been unable to find a way to configure SNMP to listen to a different port number. I have a router where an upstream managed router is blocking snmp for security reasons. I know they are just using a simple ACL and if I ran SNMP on a different port I could get around their block. Unfortunatly, I do not see any elegant solution that allows me to run SNMP on a different port than 161. I appreciate any assistance. --- Brian Raaen Network Architect bra...@zcorum.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Running SNMP on a different Port
Hi, you could do NAT on the router, for example: interface Loopback1 ip address 10.0.0.10 255.255.255.0 ip nat inside interface GigabitEthernet0/1 ip address 192.168.0.1 255.255.255.0 ip nat outside ip nat inside source static udp 10.0.0.10 161 interface 192.168.0.1 100 and then you could do snmpwalk to 192.168.0.1:100 And your should get what you want. But it hardly could be called elegant solution opsli...@rhemasound.org wrote: I have searched about 3 years of cisco-nsp archives and searched through the Cisco IOS Network Management Configuration Guide. and have been unable to find a way to configure SNMP to listen to a different port number. I have a router where an upstream managed router is blocking snmp for security reasons. I know they are just using a simple ACL and if I ran SNMP on a different port I could get around their block. Unfortunatly, I do not see any elegant solution that allows me to run SNMP on a different port than 161. I appreciate any assistance. --- Brian Raaen Network Architect bra...@zcorum.com ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cases to lock a switch -- physical layer protection?
Hi Trevor, Check out these co-lo racks:- http://data-centres.comms-express.com/colocation-server-cabinets.php They've got several compartments in the same racks which means that you can interconnect, but not touch the kit. LH -Original Message- From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Furnish, Trever G Sent: 19 April 2011 14:23 To: cisco-nsp@puck.nether.net Subject: [c-nsp] Cases to lock a switch -- physical layer protection? Hello, I have a particularly sensitive scenario where I need to allow access to other hardware within a rack but ensure that no one is able to physically modify connections to the top-of-rack switch and ASA. I would love to find an in-rack-mountable case to go around the Cisco gear, in the same way that telco's commonly protect smartjack shelves. Can anyone recommend such a case or similar protective measure? -- Trever Furnish, tgfurn...@herffjones.com Herff Jones, Inc. Solutions Architect Phone: 317.612.3519 ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ This email has been scanned by Webroot for the presence of known Viruses and Spam. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] Cases to lock a switch -- physical layer protection?
On 4/19/11 6:22 AM, Furnish, Trever G wrote: Hello, I have a particularly sensitive scenario where I need to allow access to other hardware within a rack but ensure that no one is able to physically modify connections to the top-of-rack switch and ASA. I would love to find an in-rack-mountable case to go around the Cisco gear, in the same way that telco's commonly protect smartjack shelves. The most common telco smartjack enclosure I've seen Verizon use here is the type that holds four cards. It has a plexiglas door with an Ace style lock on the top. And there are two Phillips screws on the bottom of the door for those who don't have the key. Can anyone recommend such a case or similar protective measure? If you have something custom made, use Medeco locks, welded construction, and ensure that the mounting hardware is protected by the locking mechanism. -- Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/