Configure Engine access rules to allow SNMP queries from trusted SNMP managers
Automatic rules do not allow SNMP traffic to and from the engine.
The administrator must do the following:
- Create access rule that allow SNMP queries from trusted SNMP manager hosts.
- Create access rule that allow engines to send SNMP traps to SNMP trap receivers.
Note: It is recommended to allow SNMP probing of the engine only from trusted sources.
For more details on how to create access rules, refer to the Access rules section.
For example, access rule to allow SNMP queries from trusted SNMP managers:
| Source | Destination | Service | Action | Comment |
|---|---|---|---|---|
| SNMP-manager-host | $$ Local Cluster (NDI addresses only) | SNMP (UDP) | Allow | Rule to allow SNMP queries |
| $$ Local Cluster (NDI addresses only | SNMP-manager-host | SNMP Trap (UDP) | Allow | Rule to allow SNMP queries |
Note: The SNMP-manager-host is the network element for the SNMP manager used in the environment.