Problem Description
Sometimes SSH/Telnet etc. implement ACLs to control (Ctl) or block source IPs. However, if the ACL is incorrect, it may prevent access to the device. As long as SNMP has write permissions at this time, the configuration can be remediated via SNMP.
Process Analysis
For a very small number of products, the SNMP MIB may differ (refer to the product-specific MIB manual), or write permissions may not be available, or SNMP write permissions may be disabled in the configuration, or IP restrictions may have been added to SNMP. In such cases, other means must be used for recovery.
Solution
Delete basic ACL 2000:
snmpset -v2c -c private 192.168.x.x 1.3.6.1.4.1.25506.2.8.2.1.3.1.3.1.2000 i 6
Delete rule 1 in basic ACL 2000:
snmpset -v2c -c private 192.168.x.x 1.3.6.1.4.1.25506.2.8.2.2.2.1.2.1.2000.1 i 6
Insert rule 0 in basic ACL 2000: (Use snmpset on Linux. For installation, search for deepseek. If there is no vpn-instance mgmt, delete the last line.)
snmpset -v2c -c private 192.168.x.x \
1.3.6.1.4.1.25506.2.8.2.2.2.1.2.1.2000.0 i 4 \
1.3.6.1.4.1.25506.2.8.2.2.2.1.3.1.2000.0 i 2 \
1.3.6.1.4.1.25506.2.8.2.2.2.1.15.1.2000.0 s 'mgmt'