Does anyone know if it's possible to enable SNMP traps to be sent from a Cisco IOS device when an ACL blocks traffic? I'd like to send a trap whenever a deny statement gets a hit.
I've only been able to find information about sending ACL logs to a remote syslog server.
Thanks!
Best Answer
So long as the IOS version supports it, you can use extended ACLs to allow the traffic.
Assuming the management IP of the Cisco device is 10.10.10.10 and the trap destination is 20.20.20.20...
Configure SNMP: [Reference]
Allow traps through ACL: [Reference]
Then assign that access list to the management interface:
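The three steps the answer outlines, written out as an added IOS configuration example (this is not the answer's own configuration, and the config blocks it refers to are not reproduced on the page). It keeps the answer's addresses, 10.10.10.10 as the device's management IP and 20.20.20.20 as the trap destination; the interface name `GigabitEthernet0/0`, the community string `TRAP-RO` and the ACL name `MGMT-OUT` are assumed placeholders to be replaced with local values. The trailing `deny ip any any log` is what produces the per-hit ACL syslog messages the question mentions.

```cisco
! --- Step 1: configure SNMP so the device knows where to send traps ---
! Community string TRAP-RO is a placeholder (assumed); use a locally chosen value.
snmp-server community TRAP-RO RO
snmp-server host 20.20.20.20 version 2c TRAP-RO
! Source traps from the management interface so the ACL below matches them
! (interface name is assumed).
snmp-server trap-source GigabitEthernet0/0
snmp-server enable traps

! --- Step 2: extended ACL that allows the trap traffic (UDP/162 = snmptrap) ---
ip access-list extended MGMT-OUT
 permit udp host 10.10.10.10 host 20.20.20.20 eq snmptrap
 ! Anything else is denied; "log" generates a syslog message per matching hit
 deny ip any any log

! --- Step 3: apply the ACL to the management interface ---
interface GigabitEthernet0/0
 ip address 10.10.10.10 255.255.255.0
 ip access-group MGMT-OUT out
```

After applying it, `show access-lists MGMT-OUT` shows per-entry hit counters, so a rising count on the `deny` line confirms that blocked traffic is being matched and logged.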