The snmp-agent blacklist ip-block disable command disables the SNMP blacklist function.
The undo snmp-agent blacklist ip-block disable command enables the SNMP blacklist function.
By default, the SNMP blacklist function is enabled.
Usage Scenario
After the SNMP blacklist function is enabled, if an SNMP user fails to connect to the device, the IP address used by the user is recorded in the SNMP blacklist on the device; that is, the IP address is locked. Within the locking period, the SNMP user cannot connect to the device.
If the connection fails to be established several times in succession, the device locks the IP address for 8 seconds on the first attempt, 16 seconds on the second attempt, and 32 seconds on the third attempt. Any subsequent failed attempts result in the IP address being locked for 5 minutes. When the locking period arrives, the IP address is automatically unlocked.
Precautions
After the SNMP blacklist function is disabled, the IP addresses of SNMP users who fail to connect to the device are not locked. The device is vulnerable to attacks and cracking by unauthorized users, affecting device security. Therefore, you are advised to enable the IP blacklist function.
After the SNMP blacklist function is disabled, locked IP addresses are unlocked immediately.