For a more detailed explanation on how to configure the switch for access from
SNMP v3 clients, refer to “Simple Network Management P rotocol” on page 5-1, or
refer to the specific CLI commands for SNMP star ting on pa ge 24-1 .
Managing System Files
The switch’s flash memory supports three types of system files that can be managed
by the CLI program, web interface, or SNMP. The switch’s file s yste m allo ws fi les to
be uploaded and downloaded, copied, deleted, and set as a start -up file.
The three types of f ile s ar e:
Configuration — This file type stores system confi guration infor mation a nd is
created when configuration settings are saved. Saved configuration files can be
selected as a system start-up file or can be uploaded vi a TFTP to a ser ver for
backup. The file named “Factory_Default_Config.cfg” contains all the system
default settings and cannot be deleted from the system. If the system is booted with
the factory default settings, the master unit will also create a file named
“startup1.cfg” that contains system settings for stack initialization, includin g
information about the unit identifier, MAC address, a nd installed module type for
each unit the stack. The configuration settings from the fact ory defaults
configuration file are copied to this file, whic h is then used to boot th e stack. See
“Saving or Restoring Configuration Settings” on page 4-24 for more information.
Operation Code
— System software that is executed after boot-up, also known as
run-time code. This code runs the switch operations and provides the CLI and web
management interfaces. See “Managing Firmware” on page 4-21 for more
information.

2-15

Managing System Files

Configuring Access for SNMP Version 3 Clients

To configure management access for SNMPv3 clients, you need to first create a
view that defines the portions of MIB that the client can read or write, assign t he v ie w
to a group, and then assign the user to a group. The fo llowing ex ample creates one
view called “mib-2” that includes the entire MIB-2 tree branch, and then a no th er v iew
that includes the IEEE 802.1d bridge MIB. It assigns these respective read and read/
write views to a group call “r&d” and specifies group aut hentic atio n via MD5 o r S HA.
In the last step, it assigns a v3 user to this group, indicating that MD5 will be used for
authentication, provides the password “greenpeace” for authentication, and the
password “einstien” for encryption.
Console(config)#snmp-server view mib-2 1.3.6.1.2.1 included
Console(config)#snmp-server view 802.1d 1.3.6.1.2.1.17 included
Console(config)#snmp-server group r&d v3 auth mib-2 802.1d
Console(config)#snmp-server user steve group r&d v3 auth md5
greenpeace priv des56 einstien
Console(config)#
2
24-10
24-11
2
4
-
1
4