So I’ve been using standard access lists for IPv4 filtering of my snmp queries to various routers using the code below:
ip access-list standard allowed-SNMP-IPv4
permit 1.2.3.4
deny any log
snmp-server community public RO allowed-SNMP-IPv4
This has worked for some time for me however, whenever I try to make an IPv6 access list and apply it, it removes the ‘snmp-server’ entry for IPv4:
ipv6 access-list allowed-SNMP-IPv6
permit ipv6 host 2604:21C0::CAFE:ABBA any
deny ipv6 any any log
snmp-server community public RO ipv6 allowed-SNMP-IPv6
When I’m done, the IPv4 RO is missing… am I doing this the wrong way or is there something else going on? I don’t want different community strings (my monitors use both IPv4 and IPv6 with IPv4 being the fallback protocol). Suggestions? Other methods?