Managing the device securely
Examples To allow the user “steve” full read, write and notify SNMP access to the switch:
enable snmp
add snmp view=full oid=1.3.6.1 type=include
add snmp
add snmp user=steve
To also give the user “jane” read and notify access to everything on the switch, add the following commands:
add snmp group=users securitylevel=authNoPriv readview=full notifyview=full
add snmp user=jane group=users authprotocol=md5 authpassword=redjeans
To also give the user “paul” unauthenticated read access to everything on the switch except BGP, add the following commands:
add snmp view=restricted oid=1.3.6.1 type=include
#exclude bgp by specifying either mib=bgp or oid=1.3.6.1.2.1.15: add snmp view=restricted mib=bgp type=exclude
add snmp
add snmp user=paul
To also send traps securely to the PC with IP address 192.168.11.23 for user “steve” to see, add the following commands:
add snmp targetparams=netmonpc securitylevel=authPriv user=steve
add snmp targetaddress=nms ip=192.168.11.23 udp=162 params=netmonpc
For more information about the above examples, see How To Configure SNMPv3 On Allied Telesis Routers and Managed Layer 3 Switches, available from www.alliedtelesis.com/resources/ literature/howto.aspx. This How To Note also explains SNMPv3 concepts in detail, including users, groups and views.
Create A Secure Network With Allied Telesis Managed Layer 3 Switches | 11 |