The set system snmp-acl security-name network command configures SNMP access control white list.
set system snmp-acl [security-name <community-name>] network <ip/mask>
Optional. Specifies the name of a community. The value is a string.
It is a community name for SNMPv1/SNMPv2, security name for SNMPv3.
Specifies the network where the SNMP queries come from. The format is IPv4/mask or IPv6/mask. For example, 10.10.10.0/24.
SNMP ACL has two types of access control white list: As-per User List and Global List.
- As-per User List
The SNMP ACL that specifies a security name can be configured with multiple networks and is called the as-per user list. For example,
Where "security-name" is the community name for SNMPv1 and SNMPv2, and the security name for SNMPv3.
- Global List
SNMP ACLs that do not specify a security name but only networks are called the global list. For example,
The global list is applied to NMS that are not configured with an as-per user list.
- Configure an SNMP ACL as-per user list, NMS with the security name public and from network 10.10.50.0/24 can access the device.
- Configure an SNMP ACL global list, NMS from 192.168.10.0/24 can access the device.