Configuring SNMPv3 Management Access 3

CLI – Use the snmp-server user command to configure a new user name and assign it to a group.

Console(config)#snmp-server user chris group r&d v3 auth md5

 

greenpeace priv des56 einstien

4-128

Console(config)#exit

 

Console#show snmp user

4-130

EngineId: 80000034030001f488f5200000

User Name: chris

Authentication Protocol: md5

Privacy Protocol: des56

Storage Type: nonvolatile

Row Status: active

Console#

Configuring Remote SNMPv3 Users

Each SNMPv3 user is defined by a unique name. Users must be configured with a specific security level and assigned to a group. The SNMPv3 group restricts users to a specific read and a write view.

To send inform messages to an SNMPv3 user on a remote device, you must first specify the engine identifier for the SNMP agent on the remote device where the user resides. The remote engine ID is used to compute the security digest for authenticating and encrypting packets sent to a user on the remote host. (See “Specifying Trap Managers and Trap Types” on page 3-41and “Specifying a Remote Engine ID” on page 3-44.)

Command Attributes

User Name – The name of user connecting to the SNMP agent. (Range: 1-32 characters)

Group Name – The name of the SNMP group to which the user is assigned. (Range: 1-32 characters)

Engine ID – The engine identifier for the SNMP agent on the remote device where the remote user resides. Note that the remote engine identifier must be specified before you configure a remote user. (See “Specifying a Remote Engine ID” on page 3-44.)

Remote IP – The Internet address of the remote device where the user resides.

Security Model – The user security model; SNMP v1, v2c or v3. (Default: v1)

Security Level – The security level used for the user:

-noAuthNoPriv – There is no authentication or encryption used in SNMP communications. (This is the default for SNMPv3.)

-AuthNoPriv – SNMP communications use authentication, but the data is not encrypted (only available for the SNMPv3 security model).

-AuthPriv – SNMP communications use both authentication and encryption (only available for the SNMPv3 security model).

Authentication Protocol – The method used for user authentication. (Options: MD5, SHA; Default: MD5)

Authentication Password – A minimum of eight plain text characters is required.

3-47

Page 91
Image 91
Accton Technology ES3552XA, ES3526XA manual Configuring Remote SNMPv3 Users, 130