I have a policy which allows icmp / ping / snmp-base / snmpv1 / snmpv2 however when I review the logs the traffic which matches this policy is being caught in a lower policy that is more general (and we are trying to get rid of). Someone told me that because icmp/ping are layer 3 and snmp is layer 7 that they cannot share a policy. I didn't believe him until I saw these results. Please say this is not the case. Any ideas?
... View more