HP xw460c View-based Access Control Model configuration, SNMPv3 Group configuration, PrivauthPriv

Page 100

View-based Access Control Model configuration

Command: /cfg/sys/ssnmp/snmpv3/access

[SNMPv3 vacmAccess 1 Menu]

name	- Set group name
model	- Set security model
level	- Set minimum level of security
rview	- Set read view index
wview	- Set write view index
nview	- Set notify view index
del	- Delete vacmAccess entry
cur	- Display current vacmAccess configuration

The view-based Access Control Model defines a set of services that an application can use for checking access rights of the user. Access control is needed when the user has to process SNMP retrieval or modification request from an SNMP entity.

The following table describes the User Access Control Configuration Menu options.

Table 88 View-based Access Control Configuration Menu options

Command	Description

name <1-32	Defines the name of the group, up to a maximum of 32 characters.
characters>

model	Selects the security model to be used.
usmsnmpv1snmpv2

level	Defines the minimum level of security required to gain access rights. The level
noAuthNoPrivauthNo	noAuthNoPriv means that the SNMP message will be sent without authentication and
PrivauthPriv	without using a privacy protocol. The level authNoPriv means that the SNMP message
	will be sent with authentication but without using a privacy protocol. The authPriv means
	that the SNMP message will be sent both with authentication and using a privacy protocol.

rview <1-32	Defines a 32 character long read view name that allows you read access to a particular MIB
characters>	view. If the value is empty or if there is no active MIB view having this value then no access is
	granted.

wview <1-32	Defines a 32 character long write view name that allows you write access to the MIB view. If
characters>	the value is empty or if there is no active MIB view having this value then no access is
	granted.

nview <1-32	Defines a 32 character long notify view name that allows you notify access to the MIB view.
characters>

del	Deletes the View-based Access Control entry.

cur	Displays the View-based Access Control configuration.

SNMPv3 Group configuration

Command: /cfg/sys/ssnmp/snmpv3/group

[SNMPv3 vacmSecurityToGroup 1 Menu]

model	- Set security model
uname	- Set	USM user name
gname	- Set	group name
del	- Delete vacmSecurityToGroup entry
cur	- Display current vacmSecurityToGroup configuration

Configuration Menu 100

Image 100

Contents HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Page Contents Statistics Menu Configuration Menu 111 Index Command line interface Connecting to the switch IntroductionAdditional references Establishing a console connectionSetting an IP address Telnet GbE2c Ethernet Blade Switch IP addressEstablishing a Telnet connection Establishing an SSH connectionAccessing the switch # ssh user@GbE2c Ethernet Blade Switch IP addressIdle timeout Typographical conventions AaBbCc123Main Menu Menu summaryDelay Global commandsTraceroute host name IP address max-hops msec Command line history and editing Telnet hostname IP address portCommand line interface shortcuts Command stackingCommand abbreviation Tab completionConfiguring Simple Network Management Protocol support # /cfg/sys/access/snmp disableread onlyread/writeMain# /cfg # /cfg/sys/ssnmp/rcommwcommChanging the default administrator password Setting passwordsSystem# apply System# save Changing the default user password Changing the default operator password Information Menu Menu overviewSystem Information Menu SNMPv3 Information MenuAdminsha SNMPv3 USM User Table informationComm V1v2onlySNMPv3 Access Table information SNMPv3 View Table informationSNMPv3 Community Table information SNMPv3 Group Table informationPrefix SNMPv3 Target Address Table information SNMPv3 Target Parameters Table informationSNMPv3 Notify Table information Command /info/sys/snmpv3/notify NameTag V1v2trapv1v2trapSec Level SNMPv3 dump System information Show last 100 syslog messages System user informationLayer 2 information Cfg/sys/access/user/uid command8021x Stp Find MAC address Vlan FDB information menuPort port number Link Aggregation Control Protocol information Show all FDB informationLacp dump 802.1x information Port Auth Mode Authenticator PAE StateCommand /info/l2/stp Spanning Tree informationCurrent Root Path-CostPriority bridge HelloRapid Spanning Tree and Multiple Spanning Tree information Designated portDesg 8017 P2P2,Edge Desg 8018Disabled DSB Common Internal Spanning Tree information Trunk group information Disabled DSBDiscarding Disc , Learning LRN , Forwarding FWD , or Layer 2 general information Vlan informationLayer 3 information Route information Find IP addressGw IP address If IP addressShow all IP Route information Command /info/arp/dump IP address Flags MAC address ARP informationShow all ARP entry information VlanNbr nbr router-id A.B.C.D Ospf informationDbase Sumaddr Nsumadd Routes Dump Ospf interface information Ospf general informationOspf Database information menu Advrtr router-id A.B.C.D Asbrsum adv-rtr A.B.C.D Linkstateid A.B.C.DselfExt adv-rtr A.B.C.D linkstateid A.B.C.Dself Nw adv-rtr A.B.C.D linkstateid A.B.C.DselfRouting Information Protocol information Ospf route codes informationRIP Routes information IP information RIP user configurationIgmp multicast group information Igmp multicast router port information Command /info/l3/vrrp Vrrp informationVrrp information QoS information 802.1p informationQoS Menu 8021p Show QOS 802.1p information 8021pACL information Rmon Information MenuRmon history information IntervalCommand /info/rmon/event Rmon alarm informationRmon event information Link status information Port information Command /info/port Port Tag Rmon PvidVLANs Command /info/geaport Logical Port GEA Port0-based GEA Unit Uplink Failure Detection Enabled LtM status Down MemberLogical Port to GEA Port mapping Uplink Failure Detection informationCommand /info/dump Information dumpNtp clear Menu informationUfd clear Port Statistics Menu 802.1x statistics AuthenticatingAuthSuccessesWhile BackendNonNakResponsesFrom Bridging statisticsSupplicant Ethernet statistics Dot3StatsFCSErrors Dot3StatsInternalMacTransmitErrorsDot3StatsSingleCollisionFrames Dot3StatsMultipleCollisionFramesInterface statistics Internet Protocol IP statistics Link statisticsPort Rmon statistics Layer 2 statistics FDB statisticsLacp statistics Layer 3 statisticsArp clear Clrigmp 1- 4095 allGEA Layer 3 statistics menu GEA Layer 3 statisticsIP statistics L3 bucket for An IP address DumpRoute statistics ARP statisticsDNS statistics Icmp statisticsTCP statistics UDP statistics Command /stats/l3/ospf Igmp Multicast Group statisticsOspf statistics menu Ospf stats MenuOspf global statistics Tx ls Updates Nbr changeTimers Kickoff Vrrp statisticsCommand /stats/l3/rip Management Processor statisticsRIP statistics Packet statisticsAllocs 10ad41e8/10ad5790CPU statistics Access Control List ACL statistics menuACL statistics Snmp statistics Only NTP statistics Command /stats/dump Uplink Failure Detection statisticsStatistics dump Number of times LtM link in BlockingConfiguration Menu Saving the configuration Viewing, applying, reverting, and saving changesViewing pending changes Applying pending changesSystem configuration RemindersSystem host log configuration Line to endBannr 1-80 characters Host IP addressConsole disableenable Secure Shell Server configurationLog featureall enabledisable Radius server configuration Command /cfg/sys/radiusIntrval Sshport TCP port numberTACACS+ server configuration Telnet enabledisable Port TCP port numberNTP server configuration System Snmp configurationDlight disableenable Command /cfg/sys/ssnmpName 1-64 characters SNMPv3 configurationCharacters User Security Model configuration V1v2 disableenableSNMPv3 View configuration Name 1-32 charactersTree 1-32 characters Mask 1-32 charactersView-based Access Control Model configuration SNMPv3 Group configurationUsmsnmpv1snmpv2 Level NoAuthNoPrivauthNoUsmsnmpv1snmpv2 Uname SNMPv3 Community Table configurationDel Deletes the vacmSecurityToGroup entry Cur SNMPv3 Target Address Table configuration SNMPv3 Target Parameters Table configurationAddr transport Address ip Port transportSNMPv3 Notify Table configuration Snmpv1snmpv2csnmp ModelSystem Access configuration Management Networks configurationUser ID configuration User Access Control configurationUseroperadmin Name Https Access configuration Port configurationAccess enabledisable Name 1-64 characters none Port link configuration Temporarily disabling a port802.1x configuration Layer 2 configurationPort ACL/QoS configuration Mode force 802.1x Global configurationUnauthautoforce-auth 802.1x Port configuration Reauth onoffMode rstpmstp RevCommon Internal Spanning Tree configuration Bridge parameter menuPort parameter menu 4095Cist bridge configuration Cist port configurationSpanning Tree configuration Edge disableenableCost Link autop2psharedBridge Spanning Tree configuration Spanning Tree port configuration Cur Display current port Spanning Tree parametersStatic FDB configuration Forwarding Database configurationFastfwd disableenable Trunk configuration MAC address Vlan portClear mac MAC AddressVLAN 1-4095 Port port numberAll Add port numberLayer 2 IP Trunk Hash configuration IP Trunk Hash configurationLink Aggregation Control Protocol configuration Lacp Port configuration Vlan configurationTimeout shortlong Mode offactivepassivePort number Layer 3 configurationList of port numbers Addr IP address IP interface configurationMask IP subnet mask IP Static Route configuration Default Gateway configurationAddress Resolution Protocol configuration IP Forwarding configurationNetwork Filter configuration Dirbr disableenableAp AS number AS number AS Route Map configurationLp 0-4294967294 none IP Access List configuration Autonomous System Path configurationMetric 1-4294967294none Action permitdenyRouting Information Protocol configuration RIP Interface configuration Open Shortest Path First configuration RIP Route Redistribution configurationAdd 1-32 1-32all Remove 1-32 1-32allOsfp Area Index configuration Default 1-16777215 12noneMd5key 1-255 characters Redist fixedstaticripOspf Summary Range configuration Auth nonepasswordmd5Areaid IP address Type transitstubnssaOspf Interface configuration Mask IP address maskKey key stringnone Mdkey 1-255noneKey password Ospf Virtual Link configurationNbr IP address Ospf Host Entry configuration Ospf Route Redistribution configurationRem 1-32 1-32 ... all Export 1-16777215 12noneIgmp configuration Ospf MD5 Key configurationIgmp snooping configuration Aggr disableenableFastlv 1-4095 disableenable Srcip IP addressIgmp static multicast router configuration Igmp filtering configurationAdd port number 1-4095 FilterIgmp filtering port configuration Igmp filter definitionRange IP multicast address IP Multicast addressBootstrap Protocol Relay configuration Domain Name System configurationVirtual Router Redundancy Protocol configuration Vrrp Virtual Router configurationPreem disableenable Vrrp Virtual Router Priority Tracking configuration Vrrp Virtual Router Group configurationVrs disableenable Ifs disableenableVrrp Virtual Router Group Priority Tracking configuration Vrrp Tracking configuration Vrrp Interface configurationPassw password Access Control configuration Quality of Service configurationQoS 802.1p configuration Access Control List configuration Egrport port numberAction permitdenysetprio Stats edACL Ethernet Filter configuration ACL IP Version 4 Filter configurationSport 1-65535 port mask ACL TCP/UDP Filter configurationFlags value 0x0-0x3f ACL Meter configuration ACL Re-mark configurationEnable ed CirACL Re-mark In-Profile Update User Priority configuration ACL Re-mark In-Profile configurationACL Re-mark Out-of-Profile configuration ACL Packet Format configuration Remote Monitoring configurationACL Group configuration Ifoid 1-127 characters Rmon history configurationOwner 1-127 characters Rmon event configuration Rmon alarm configurationDescn 1-127 characters Type nonelogtrapbothPort mirroring Rlimit -2147483647 to2147483647 Flimit -2147483647 toUplink Failure Detection configuration Port-based port mirroringAdd mirrored port inoutboth Rem mirrored portFailure Detection Pair configuration Link to Monitor configurationAddport port number Remport port numberSaving the active switch configuration Link to Disable configurationDump Addport port number Remport port numberCommand /cfg/gtcfg FTP/TFTP server filename Restoring the active switch configurationConfiguration# gtcfg FTP/TFTP server filename Operations Menu Operations-level port optionsOperations-level port 802.1x options Reset ReauthOperations-level Vrrp options Updating the switch software image Downloading new software to the switchSelecting a software image to run AddressUploading a software image from the switch Selecting a configuration blockBoot Options# ptimg Boot Options# confResetting the switch Accessing the IscliBoot Options# reset Boot Options# curMaintenance Menu System maintenance options Forwarding Database optionsFlags new Nvram flags word as 0xXXXXXXXXDebugging options ARP cache optionsIgmp Multicast Group options IP Route Manipulation optionsBroadcastmartian Igmp Snooping options Igmp Mrouter optionsFTP/TFTP system dump put Uuencode flash dumpClearing dump information Panic command Command /maint/panicConfirm dump and reboot y/n y Unscheduled system dumpsIndex

Related manuals

Manual 33 pages 57.51 Kb