set system snmp-acl security-name network

The set system snmp-acl security-name network command configures SNMP access control white list.

Command Syntax

set system snmp-acl [security-name <community-name>] network <ip/mask>

Parameter

Parameter

Description

security-name <community-name>

Optional. Specifies the name of a community. The value is a string.

It is a community name for SNMPv1/SNMPv2, security name for SNMPv3.

network <ip/mask>

Specifies the network where the SNMP queries come from. The format is IPv4/mask or IPv6/mask. For example, 10.10.10.0/24.

Usage Guidelines

SNMP ACL has two types of access control white list: As-per User List and Global List.

The SNMP ACL that specifies a security name can be configured with multiple networks and is called the as-per user list. For example,

admin@XorPlus# set system snmp-acl security-name public network 10.10.50.0/24

Where "security-name" is the community name for SNMPv1 and SNMPv2, and the security name for SNMPv3.

SNMP ACLs that do not specify a security name but only networks are called the global list. For example,

admin@XorPlus# set system snmp-acl network 10.10.50.0/24
admin@XorPlus# set system snmp-acl network 10.10.51.0/24

The global list is applied to NMS that are not configured with an as-per user list.

NOTE:

Multiple as-per user lists of different networks can be configured under one security name.
If an SNMP ACL with security name is configured, but no network list is configured under this security name, this as-per user list is empty and invalid, then global list matching will be performed.

Example

Configure an SNMP ACL as-per user list, NMS with the security name public and from network 10.10.50.0/24 can access the device.

admin@XorPlus# set system snmp-acl security-name public network 10.10.50.0/24
admin@XorPlus# commit

Configure an SNMP ACL global list, NMS from 192.168.10.0/24 can access the device.

admin@XorPlus# set system snmp-acl network 192.168.10.0/24
admin@XorPlus# commit