6 SNMP community strings

“SNMP version 3 traps”

“Displaying SNMP Information”

“SNMP v3 configuration examples”

Restricting SNMP access using ACL, VLAN, or a specific IP address constitute the first level of defense when the packet arrives at a Brocade device. The next level uses one of the following methods:

Community string match In SNMP versions 1 and 2

User-based model in SNMP version 3

SNMP views are incorporated in community strings and the user-based model.

SNMP community strings

SNMP versions 1 and 2 use community strings to restrict SNMP access. You can configure as many additional read-only and read-write community strings as you need. The number of strings you can configure depends on the memory on the device. There is no practical limit.

NOTE

If you delete the startup-config file, the device automatically re-adds the default “public” read-only community string the next time you load the software.

Encryption of SNMP community strings

The software automatically encrypts SNMP community strings. Users with read-only access or who do not have access to management functions in the CLI cannot display the strings.

Encryption is enabled by default. You can disable encryption for individual strings or trap receivers if desired. Refer to the next section for information about encryption.

Adding an SNMP community string

The default SNMP community name (string) on a device is “public” with read only privilege.

You can assign other SNMP community strings, and indicate if the string is encrypted or clear. By default, the string is encrypted.

To add an encrypted community string, enter commands such as the following.

Brocade(config)#snmp-server community private rw

Brocade(config)#write memory

Syntax: snmp-server community [0 1] <string>

ro rw [view <viewname>] [<standard-ACL-name> <standard-ACL-id>]

The <string> parameter specifies the community string name. The string can be up to 32 characters long.

The ro rw parameter specifies whether the string is read-only (ro) or read-write (rw).

156

Brocade ICX 6650 Administration Guide

 

53-1002600-01

Page 174
Image 174
Brocade Communications Systems 6650 manual Encryption of Snmp community strings, Adding an Snmp community string