|
|
|
To block SNMP access to the supervisor from the network, on IP interface 10.10.0.240/255.255.255.0, use the following ACL entry:
ip access-list SNMP 10 deny udp any host 10.10.0.240 eq 161
If you were to use the following command, the switch would block all inter-subnet SNMP traffic, but would also create a forwarding cache entry for every flow that had a different SA, DA, source port, destination port, or protocol.
ip access-list SNMP 10 deny udp any any eq 161
|
|
|