How to configure SNMP v1 access communities in the CA SystemEDGE agent.

Document ID : KB000023380
Last Modified Date : 14/02/2018
Show Technical Document Details


How do I configure the SNMP V1 communities the CA SystemEDGE agent will respond to and restrict this to specific hosts?




The CA SystemEDGE installation lets you define read-only and read-write communities.

You can modify those communities or define additional communities manually in the file.

The configuration file defines access communities using the following format:


community community-name permissions access-list

Definition of parameters above,

community-name : Can be any octet string.You can use any ASCII characters for the community name. Defaults are public and admin

permissions : Specifies what level of permissions to grant, either read-only or read-write.

access-list : Specifies a space-separated list of IP addresses (in dotted decimal notation) that defines the systems that have access using the given community string. Access lists are not totally secure because systems can still spoof IP addresses. Access lists do, however, provide the ability to restrict legitimate use. You can provide IPv4 or IPv6 addresses as access lists. If the access list is empty, CA eHealth SystemEDGE grants access to any system that uses this community string.


In the following example, CA eHealth SystemEDGE permits read-write access using the community-string private only to systems with one of the following IP addresses:,,, orea2f:fe90:abcd:0000:230:a2f:200:ad01. CA SystemEDGE treats any other system that attempts to use private as an authentication failure:


community private read-write ea2f:fe90:abcd:0000:230:a2f:200:ad01



Steps to implement the updated community statement,

Modify the CA SystemEDGE agents run-time in the data_directory  


Windows default location,




Unix default location,




Make the modifications of your custom community keyword in the file.


(All changes will not take affect until the agent is restarted)

On Windows the Agent can be restarted by bringing up the windows services gui,



CA SystemEDGE (Choose restart)


Or on Unix you can restart systemedge


by using /etc/init.d/CA-Systemedge restart


Additional Information:

- IP addresses must be separated by a space character; you cannot use any other characters, including the newline.

- The maximum length of a community string statement (including any access list) is 1024 characters, which provides enough space for about 60 IPv4 addresses and even less for IPv6 addresses. To configure longer access lists, define separate communities.