29-9
Cisco ME 3400 Ethernet Access Switch Software Configuration Guide
OL-9639-06
Chapter 29 Configuring SNMP Configuring SNMP
Beginning in privileged EXEC mode, follow these steps to configure a community string on the switch:
Note To disable access for an SNMP community, set the community string for that community to the null
string (do not enter a value for the community string).
To remove a specific community string, use the no snmp-server community string global configuration
command.
Command Purpose
Step 1 configure terminal Enter global configuration mode.
Step 2 snmp-server community string [view
view-name] [ro | rw] [access-list-name or
number]
Configure the community string.
Note The @ symbol is used for delimiting the context information.
Avoid using the @ symbol as part of the SNMP community
string when configuring this command.
For string, specify a string that acts like a password and permits
access to the SNMP protocol. You can configure one or more
community strings of any length.
(Optional) For view, specify the view record accessible to the
community.
(Optional) Specify either read-only (ro) if you want authorized
management stations to retrieve MIB objects, or specify read-write
(rw) if you want authorized management stations to retrieve and
modify MIB objects. By default, the community string permits
read-only access to all objects.
(Optional) For access-list-number, enter an IP standard access list
numbered from 1 to 99 and 1300 to 1999.
Step 3 access-list access-list-number {deny |
permit} source [source-wildcard](Optional) If you specified an IP standard access list number in Step 2,
then create the list, repeating the command as many times as necessary.
For access-list-number, enter the access list number specified in
Step 2.
The deny keyword denies access if the conditions are matched. The
permit keyword permits access if the conditions are matched.
For source, enter the IP address of the SNMP managers that are
permitted to use the community string to gain access to the agent.
(Optional) For source-wildcard, enter the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit
positions that you want to ignore.
Recall that the access list is always terminated by an implicit deny
statement for everything.
Step 4 end Return to privileged EXEC mode.
Step 5 show running-config Verify your entries.
Step 6 copy running-config startup-config (Optional) Save your entries in the configuration file.