60-67
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 60 Router Device Administration
SNMP on Cisco IOS Routers
Enabling SNMP Traps, page 60-68
Defining SNMP Agent Properties
When you define the properties of the SNMP agent, you must define the community string and
community string type, as well as the address and properties of the SNMP host that receives the traps.
SNMP community strings are embedded passwords to MIBs, which store data about the router’s
operation and are meant to be available to authenticated remote users. Two types of community strings
exist: “public” community strings, which provide read-only access to all objects in the MIB (except
community strings themselves), and “private” community strings, which provide read-write access to all
objects in the MIB (except community strings).
SNMP hosts receive the traps generated by the router. You must define the address, password, and port
number for accessing the SNMP host, as well as the SNMP version being used. Security Manager
supports SNMP version 1, version 2c (also called “community-based SNMP”) and version 3, which
offers authentication and encryption.
Related Topics
SNMP on Cisco IOS Routers, page 60-66
Step 1 Do one of the following:
(Device view) Select Platform > Device Admin > Device Access > SNMP from the Policy selector.
(Policy view) Select Router Platform > Device Admin > Device Access > SNMP from the Policy
Type selector. Select an existing policy or create a new one.
The SNMP page is displayed. See Table60-29 on page 60-69 for a description of the fields on this page.
Step 2 Define the community string needed to access the MIB:
a. Under Permissions, click Add to display the Permission dialog box.
b. Define the string. See Table 60-30 on page60-70 for a description of the available fields.
c. Click OK to save your definitions locally on the client and close the dialog box. Your definitions are
displayed in the Permissions table.
Note A warning is displayed if you attempt to edit or delete a community string that is in use by
an SNMP host. If you continue with the operation, the device creates a private, read-only
string that matches the definition for the host in the Trap Receiver table.
Step 3 Define the SNMP host that receives the traps generated by the SNMP agent:
a. Under Trap Receiver, click Add to display the Trap Receiver dialog box.
b. Define the host. See Table 60-31 on page 60-71 for a description of the available fields.
c. Click OK to save your definitions locally on the client and close the dialog box. Your definitions are
displayed in the Trap Receiver table.
Step 4 Under SNMP Server Properties, enter the location and contact information for the administrator
responsible for routers configured with this SNMP policy.
This definition, which is text-only and does not affect the operation of the router, provides useful
information to the manager of the SNMP host when the manager investigates a particular trap.