Cisco Systems 0L-11350-01

18-11

Cisco IOS Software Configuration Guide for Cisco Aironet Access Points

OL-11350-01

Chapter18 Configuring SNMP

Configuring SNMP

This example shows how to assign the strings open and ieee to SNMP, to allow read-write access for

both, and to specify that open is the community string for queries on non-IEEE802dot11-MIB objects

and ieee is the community string for queries on IEEE802dot11-mib objects:

bridge(config)# snmp-server view dot11view ieee802dot11 included

bridge(config)# snmp-server community open rw

bridge(config)# snmp-server community ieee view ieee802dot11 rw

This example shows how to permit any SNMP manager to access all objects with read-only permission

using the community string public. The access point also sends config traps to the hosts 192.180.1.111

and 192.180.1.33 using SNMPv1 and to the host 192.180.1.27 using SNMPv2C. The community string

public is sent with the traps.

AP(config)# snmp-server community public

AP(config)# snmp-server enable traps config

AP(config)# snmp-server host 192.180.1.27 version 2c public

AP(config)# snmp-server host 192.180.1.111 version 1 public

AP(config)# snmp-server host 192.180.1.33 public

This example shows how to allow read-only access for all objects to members of access list 4 that use

the comaccess community string. No other SNMP managers have access to any objects. SNMP

Authentication Failure traps are sent by SNMPv2C to the host cisco.com using the community string

public.

AP(config)# snmp-server community comaccess ro 4

AP(config)# snmp-server enable traps snmp authentication

AP(config)# snmp-server host cisco.com version 2c public

This example shows how to send Entity MIB traps to the host cisco.com. The community string is

restricted. The first line enables the access point to send Entity MIB traps in addition to any traps

previously enabled. The second line specifies the destination of these traps and overwrites any previous

snmp-server host commands for the host cisco.com.

AP(config)# snmp-server enable traps entity

AP(config)# snmp-server host cisco.com restricted entity

This example shows how to enable the access point to send all traps to the host myhost.cisco.com using

the community string public:

AP(config)# snmp-server enable traps

AP(config)# snmp-server host myhost.cisco.com public

This example shows how to configure these SNMPv3 settings:

•a view name (iso)

•an SNMP engine ID (1234567890) that this agent uses to identify itself to the remote host at IP

address 1.4.74.10

•an SNMPv3 group (admin) which supports privacy encryption, and all users of the group have read

and write access to all objects defined in the iso view

•an SNMP user (joe) that belongs to the admin group, uses MD5 authentication for queries, uses

xyz123 as a password for MD5, uses DES56 data query encryption, and uses key007 as an encryption

key

•an SNMP user (fred) that belongs to the admin group, uses MD5 authentication for queries, uses

abc789 as an encrypted password for MD5, uses DES56 data query encryption, and uses key99 as

an encryption key

AP(config)# snmp-server view iso iso included

AP(config)# snmp-server engineID remote 1.4.74.10 1234567890

AP(config)# snmp-server group admin v3 priv