Manuals / HP / Computer Equipment / Switch

HP BMD00022 manual User Security Model configuration, Command /cfg/sys/ssnmp/snmpv3/usm

Models: BMD00022

1 228

Download 228 pages 32.29 Kb

Page 121

The following table describes the SNMPv3 Configuration Menu options.

Table 86 SNMPv3 Configuration Menu options

Command	Description

usm <1-16>	Configures a user security model (USM) entry for an authorized user. You can
	also configure this entry through SNMP. The range is 1-16.

view <1-128>	Configures different MIB views. The range is 1-128.

access <1-32>	Configures access rights. The View-based Access Control Model defines a set of
	services that an application can use for checking access rights of the user. You
	need access control when you have to process retrieval or modification request
	from an SNMP entity. The range is 1-32.

group <1-16>	Configures an SNMP group. A group maps the user name to the access group
	names and their access rights needed to access SNMP management objects. A
	group defines the access rights assigned to all names that belong to a particular
	group. The range is 1-16.

comm <1-16>	Configures a community table entry. The community table contains objects for
	mapping community strings and version-independent SNMP message parameters.
	The range is 1-16.

taddr <1-16>	Configures the destination address and user security levels for outgoing
	notifications. This is also called the transport endpoint. The range is 1-16.

tparam <1-16>	Configures SNMP parameters, consisting of message processing model, security
	model, security level, and security name information. There may be multiple
	transport endpoints associated with a particular set of SNMP parameters, or a
	particular transport endpoint may be associated with several sets of SNMP
	parameters.

notify <1-16>	Configures a notification index. A notification application typically monitors a
	system for particular events or conditions, and generates Notification-Class
	messages based on these events or conditions. The range is 1-16.

v1v2 disableenable	Enables or disables the access to SNMP version 1 and version 2. This command
	is enabled by default.

cur	Displays the current SNMPv3 configuration.

User Security Model configuration

Command: /cfg/sys/ssnmp/snmpv3/usm

[SNMPv3 usmUser		1 Menu]
name	-	Set USM user name
auth	-	Set authentication protocol
authpw	-	Set authentication password
priv	-	Set privacy protocol
privpw	-	Set privacy password
del	-	Delete usmUser entry
cur	-	Display current usmUser configuration

You can make use of a defined set of user identities using this Security Model. An SNMP engine must have the knowledge of applicable attributes of a user.

This menu helps you create a user security model entry for an authorized user. You need to provide a security name to create the USM entry.

Configuration Menu 121

Image 121

HP BMD00022 manual User Security Model configuration, Command /cfg/sys/ssnmp/snmpv3/usm, V1v2 disableenable

Contents

HP 10Gb Ethernet BL-c Switch Legal notices Contents Statistics Menu 100102 101103 105164 163165 168Index 224 Introduction Connecting to the switchAdditional references Establishing a console connection Setting an IP addressParameter Value Establishing a Telnet connection Telnet 10GbE switch IP addressEstablishing an SSH connection 3DESYou will then be prompted to enter your password Accessing the switch# ssh user@10Gb switch IP address User account Description and tasks performed Idle timeoutTypographical conventions Typeface or Meaning Example SymbolAaBbCc123 AddressMenu summary Main MenuFollowing table describes the global commands Global commandsCommand Action Or printExit or Quit Traceroute host name IP address max-hops msec delayVerbose n Telnet hostname IP address port -m-mgt-d-dataOption Description Command line history and editingCommand stacking Command line interface shortcutsCommand abbreviation Tab completionMain# /cfg Configuration Menu is displayedConfiguring Simple Network Management Protocol support Setting passwordsChanging the default administrator password Use the following command to enable SnmpEnter the new administrator password at the prompt Enter the current administrator password at the promptEnter the new administrator password, again, at the prompt System Menu is displayedChanging the default operator password Changing the default user passwordEnter the new operator password, again, at the prompt Enter the new operator password at the promptEnter new operator password Re-enter new operator passwordCommand Usage Command /infoMenu overview Following table describes the Information Menu optionsSystem Information Menu Command /info/sysSNMPv3 Information Menu Command /info/sys/snmpv3Command /info/sys/snmpv3/view Command /info/sys/snmpv3/usmSNMPv3 USM User Table information SNMPv3 View Table informationCommand /info/sys/snmpv3/access SNMPv3 Access Table informationFollowing table describes the SNMPv3 View Table information Command /info/sys/snmpv3/comm Command /info/sys/snmpv3/groupSNMPv3 Group Table information SNMPv3 Community Table informationCommand /info/sys/snmpv3/tparam Command /info/sys/snmpv3/taddrSNMPv3 Target Address Table information SNMPv3 Target Parameters Table informationSNMPv3 Notify Table information Command /info/sys/snmpv3/notifyNameTag V1v2trapv1v2trap SNMPv3 dump Command /info/sys/snmpv3/dumpSystem information Command /info/sys/genShow last 100 syslog messages Command /info/sys/logCfg/sys/access/user/uid command Command /info/sys/userSystem user information Following table describes the User Name informationLayer 2 information Command /info/l2FDB information menu Command /info/l2/fdbFind MAC address Vlan Port port numberCommand /info/l2/lacp Command /info/l2/fdb/dumpLink Aggregation Control Protocol information Show all FDB informationCommand /info/l2/hotlink/trigger Command /info/l2/lacp/dumpHot Links Trigger information Lacp dump802.1X information Command /info/l2/8021xFollowing table describes the Ieee 802.1X parameters Backend Auth State Authenticator PAE StateSpanning Tree information Command /info/l2/stpParameters Description Desg 8017 P2P2,Edge Rapid Spanning Tree / Multiple Spanning Tree informationDesg 8018 Parameter Description Common Internal Spanning Tree information Command /info/l2/cistCist Root Following table describes the Cist parametersCommand /info/l2/vlan Command /info/l2/trunkTrunk group 1, Enabled port state STG 1 forwarding Trunk group informationSTP uplink fast mode disabled Command /info/l2/uplinkSTP uplink fast mode Fast Uplink Convergence statusLayer 3 information Command /info/l3Command /info/l3/route/dump Command /info/l3/routeRoute information Show all IP Route informationFollowing table describes the Tag parameter Following table describes the Type parameterCommand /info/arp/dump Command /info/arpARP information Show all ARP entry informationCommand /info/l3/ospf Command /info/arp/addrOspf information ARP address list informationCommand /info/l3/ospf/if Command /info/l3/ospf/generalOspf general information Ospf interface informationOspf Database information menu Command /info/l3/ospf/dbaseOspf route codes information Command /info/l3/ospf/routesRtr adv-rtr A.B.C.D Linkstateid A.B.C.DselfRouting Information Protocol information RIP user configurationRIP Routes information IP information Command /info/l3/ipTimer information Command /info/l3/igmpCommand /info/l3/igmp/dump Igmp multicast group information4094 Igmp multicast router informationVrrp information Command /info/l3/vrrpServer Mobility Port information Command /info/l3/sm/portCommand /info/qos/8021p Command /info/qosQoS information 802.1p informationACL information Command /info/aclCommand /info/rmon/hist Command /info/rmonRmon Information Menu Rmon history informationCommand /info/rmon/alarm Rmon alarm informationTrap, both Command /info/rmon/eventLink status information Command /info/linkCommand /info/transcvr Command /info/portPort information Transceiver statusCommand /info/dump Command /info/ufdUplink Failure Detection information Information dumpMenu information Command /statsFollowing table describes the Statistics Menu options Ntp clearPort Statistics Menu Command /stats/port port numberSfd clear 802.1X statistics Command /stats/port port number/8021xStatistics Port BackendNonNakResponsesFromSupplic ant Bridging statistics Command /stats/port port number/brgStatistics Description Ethernet statistics Command /stats/port port number/etherDot3StatsCarrierSenseErrors object Dot3StatsInternalMacTransmitErrorsDot3StatsMultipleCollisionFrames Dot3StatsSingleCollisionFrames objectInterface statistics Command /stats/port port number/ifErrors-IfHCOut Errors-IfHCInOctets-IfHCOut UcastPkts-IfHCOutCommand /stats/port port number/link Command /stats/port port number/ipInternet Protocol IP statistics Link statisticsPort Rmon statistics Command /stats/port port number/rmonEtherStatsJabbers EtherStatsFragmentsEtherStatsCollisions EtherStatsPkts64OctetsCommand /stats/l2/lacp port number Command /stats/l2/fdbLayer 2 statistics FDB statisticsHot Links statistics Command /stats/l2/hotlinkFollowing table describes the Hot Links statistics Statistic DescriptionLayer 3 statistics Command /stats/l3Arp clear IgmpgrpsCommand /stats/l3/geal3/dump Command /stats/l3/geal3GEA Layer 3 statistics menu GEA statisticsIP statistics Command /stats/l3/ipFollowing table describes the IP statistics DNS statistics ARP statisticsRoute statistics Icmp statistics Command /stats/l3/icmpTCP statistics Command /stats/l3/tcpSemantics of the Ubound quantity described in RFC Command /stats/l3/igmp Vlan number Command /stats/l3/udpUDP statistics Igmp Multicast Group statisticsOspf statistics menu Command /stats/l3/ospfFollowing table describes the Ospf statistics menu options Ospf global statistics Command /stats/l3/ospf/generalFollowing table describes the Ospf global statistics Tx ls Updates Rx ls UpdatesRx ls Acks Tx ls AcksNbr change Timers Kickoff HelloVrrp statistics Command /stats/l3/vrrpFollowing table describes the Vrrp statistics RIP statistics Command /stats/l3/ripManagement Processor statistics Command /stats/mp/pktPacket statistics Command /stats/mp/ucb Command /stats/mp/tcbCPU statistics Access Control List ACL statistics menuACL statistics Snmp statistics Command /stats/snmpNoSuchName NTP statistics Command /stats/ntpUplink Failure Detection statistics Command /stats/ufdFollowing table describes the NTP statistics Primary ServerStatistics dump Command /stats/dumpFollowing table describes the Configuration Menu options Command /cfgViewing pending changes Viewing, applying, reverting, and saving changesApplying pending changes Reverting changesReminders Saving the configurationCfg/sys/reminders dis # saveCommand /cfg/sys System configurationAddress. The default value is enabled System host log configurationCommand /cfg/sys/syslog Multi-line to endConsole disableenable Command DescriptionLog featureall enabledisable Host IP addressCommand /cfg/sys/sshd Secure Shell Server configurationIntrval Sshport TCP port numberCommand /cfg/sys/radius Radius server configurationCommand /cfg/sys/tacacs+ TACACS+ server configurationUseroperadminnone Cmap enabledisablePort TCP port number Command /cfg/sys/ntp NTP server configurationMgtdata Command /cfg/sys/ssnmp System Snmp configurationCommand /cfg/sys/ssnmp/snmpv3 SNMPv3 configurationWcomm 1-32 characters Command /cfg/sys/ssnmp/snmpv3/usm User Security Model configurationV1v2 disableenable Command /cfg/sys/ssnmp/snmpv3/view SNMPv3 View configurationName 1-32 characters CharactersCommand /cfg/sys/ssnmp/snmpv3/access View-based Access Control Model configurationRview 1-32 characters Wview 1-32 charactersSNMPv3 Community Table configuration SNMPv3 Group configurationCommand /cfg/sys/ssnmp/snmpv3/group Command /cfg/sys/ssnmp/snmpv3/commCommand /cfg/sys/ssnmp/snmpv3/taddr SNMPv3 Target Address Table configurationCommand /cfg/sys/ssnmp/snmpv3/tparam SNMPv3 Target Parameters Table configurationAuthPriv Snmpv1snmpv2csnmpv3SNMPv3 Notify Table configuration System Access configurationCommand /cfg/sys/ssnmp/snmpv3/notify Command /cfg/sys/accessCommand /cfg/sys/access/mgmt Management Networks configurationUser ID configuration User Access Control configurationCommand /cfg/sys/access/user Command /cfg/sys/access/user/uidCommand /cfg/sys/access/https Https Access configurationAccess enabledisable Command /cfg/port port number Port configurationCommand /cfg/port port number/gig Port link configurationTemporarily disabling a port Command /cfg/port port number/aclqos Port ACL/QoS configurationCommand /cfg/port port number/stp Port Pvrst configurationEdge enabledisable Link autop2psharedCommand /cfg/l2 Layer 2 configurationEnabledisable Bpdugrd enabledisableCommand /cfg/l2/8021x 802.1X configurationCommand /cfg/l2/8021x/global 802.1X Global configurationCommandDescription Command /cfg/l2/8021x/port port number 802.1X Port configuration802.1X Port Configuration Menu Applies the global 802.1X parameters to the port Rev Command /cfg/l2/mrstRstpmstppvrst Following configurations are unsupported Common Internal Spanning Tree configurationFollowing configurations are supported Command /cfg/l2/mrst/cistCommand /cfg/l2/mrst/cist/brg Cist bridge configurationCommand /cfg/l2/mrst/cist/port port number Cist port configurationCost Command /cfg/l2/stp Spanning Tree configurationEdge disableenable Command /cfg/l2/stp/brg Bridge Spanning Tree configurationCommand /cfg/l2/stp 1-128/port port number Spanning Tree port configurationFastfwd disableenable Static FDB configuration Forwarding Database configurationCommand /cfg/l2/fdb Command /cfg/l2/fdb/staticCommand /cfg/l2/trunk Trunk configurationAdd port number Rem port numberLayer 2 IP Trunk Hash configuration IP Trunk Hash configurationCommand /cfg/l2/thash Command /cfg/l2/thash/setLacp Port configuration Link Aggregation Control Protocol configurationCommand /cfg/l2/lacp Command /cfg/l2/lacp/port port numberCommand /cfg/l2/vlan Vlan configurationDef list of port numbers Command /cfg/l2/vlan x/pvlan Protocol Vlan configurationPty Ether2SNAPLLC Ethernet typeCommand /cfg/l2/vlan x/privlan Private Vlan configurationTagpvl enabledisable Type primaryisolatedcommunityCommand /cfg/l2/hotlink Hot Links configurationBpdu enabledisable Sndfdb enabledisableHot Links Master configuration Hot Links Trigger configurationCommand /cfg/l2/hotlink/trigger Command /cfg/l2/hotlink/trigger 1-4/masterCommand /cfg/l2/hotlink/trigger 1-4/backup Hot Links Backup configurationFollowing table describes the Hot Links Backup Menu options Command /cfg/l3 Layer 3 configurationGw 1-4 Command /cfg/l3/if IP interface configurationRelay disableenable Addr IP addressCommand /cfg/l3/gw 1-4 Default Gateway configurationArp disableenable Address Resolution Protocol configuration IP Static Route configurationCommand /cfg/l3/route Command /cfg/l3/arpIP Forwarding configuration Static ARP configurationCommand /cfg/l3/arp/static Command /cfg/l3/frwdRoute Map configuration Network Filter configurationCommand /cfg/l3/nwf Command /cfg/l3/rmapCommand /cfg/l3/rmap 1-32/alist IP Access List configurationType 12none Metric 1-16777214noneCommand /cfg/l3/rip Routing Information Protocol configurationCurrent Display current RIP configuration Off Globally turnCommand /cfg/l3/rip/if RIP Interface configurationCommand /cfg/l3/rip/redist fixedstaticospfeospf RIP Route Redistribution configurationAdd 1-32 1-32all Remove 1-32 1-32allCommand /cfg/l3/ospf Open Shortest Path First configurationMd5key 1-255 characters Command /cfg/l3/ospf/aindex Osfp Area Index configurationAuth nonepasswordmd5 Areaid IP addressOspf Summary Range configuration Ospf Interface configurationCommand /cfg/l3/ospf/range Command /cfg/l3/ospf/ifMdkey 1-255none Key key stringnoneCommand /cfg/l3/ospf/virt Ospf Virtual Link configurationKey password Nbr IP addressOspf Route Redistribution configuration Ospf Host Entry configurationCommand /cfg/l3/ospf/host Command /cfg/l3/ospf/redist fixedstaticripCommand /cfg/l3/ospf/md5key key ID Ospf MD5 Key configurationExport 1-16777215 12none Key 1-16 charactersIgmp snooping configuration Igmp configurationCommand /cfg/l3/igmp Command /cfg/l3/igmp/snoopAggr disableenable Flood disableenablePorts Igmpv3Command /cfg/l3/igmp/snoop/igmpv3 IGMPv3 Snooping configurationIgmp filtering configuration Igmp static multicast router configurationAdd port number 1-4094 Remove port numberCommand /cfg/l3/igmp/igmpflt/filter Igmp filtering port configurationCommand /cfg/l3/igmp/igmpflt/port port number Igmp filter definitionBootstrap Protocol Relay configuration Domain Name System configurationCommand /cfg/l3/dns Command /cfg/l3/bootpCommand /cfg/l3/sm Server Mobility configurationFilter enabledisable Nsmrelay enabledisableCommand /cfg/l3/sm/port port number Server Mobility port configurationAddback port number Remback port numberCommand /cfg/l3/vrrp Virtual Router Redundancy Protocol configurationCur Display current Vrrp configuration Command /cfg/l3/vrrp/vr Vrrp Virtual Router configurationCommand /cfg/l3/vrrp/vr 1-250/track Vrrp Virtual Router Priority Tracking configurationPreem disableenable Switch portsCommand /cfg/l3/vrrp/group Vrrp Virtual Router Group configurationVrs disableenable Ifs disableenableVirtual Router Group Configuration Menu options Vrrp Interface configuration Vrrp Virtual Router Group Priority Tracking configurationCommand /cfg/l3/vrrp/group/track Command /cfg/l3/vrrp/ifCommand /cfg/l3/vrrp/track Vrrp Tracking configurationQoS 802.1p configuration Quality of Service configurationCommand /cfg/qos Command /cfg/qos/8021pAccess Control List configuration Access Control configurationCommand /cfg/acl Command /cfg/acl/aclCommand /cfg/acl/acl 1-384/ethernet ACL Ethernet Filter configurationCommand /cfg/acl/acl 1-384/ipv4 ACL IP Version 4 Filter configurationSip IP address IP mask Dip IP address IP maskCommand /cfg/acl/acl 1-384/tcpudp ACL TCP/UDP Filter configurationFiltering TCP/UDP Menu Sport 1-65535 port maskACL Re-mark configuration ACL Meter configurationCommand /cfg/acl/acl 1-384/meter Command /cfg/acl/acl 1-384/re-markACL Re-mark In-Profile Update User Priority configuration ACL Re-mark In-Profile configurationCommand /cfg/acl/acl 1-384/re-mark/inprof Command /cfg/acl/acl 1-384/re-mark/inprof/up1pACL Re-mark Out-of-Profile configuration ACL Packet Format configurationCommand /cfg/acl/acl 1-384/re-mark/outprof Command /cfg/acl/acl 1-384/pktfmtCommand /cfg/acl/group ACL Group configurationAdd acl Rem aclRmon history configuration Remote Monitoring configurationCommand /cfg/rmon Command /cfg/rmon/histCommand /cfg/rmon/event Rmon event configurationFollowing table describes the Rmon Event Menu options Owner 1-127 charactersCommand /cfg/rmon/alarm Rmon alarm configurationOid 1-127 characters Rlimit -2147483647 toMirror disableenable Command /cfg/pmirrPort mirroring Monport port numberPort-based port mirroring Command /cfg/pmirr/monport port numberAdd mirrored port inoutboth Rem mirrored portFailure Detection Pair configuration Uplink Failure Detection configurationCommand /cfg/ufd Command /cfg/ufd/fdpCommand /cfg/ufd/fdp/ltm Link to Monitor configurationRemoves a Lacp admin key from the LtM Addport port numberAddport port number Remport port number Link to Disable configurationAddtrunk Remtrunk Addkey Remkey CurRestoring the active switch configuration Saving the active switch configurationCommand /cfg/ptcfg FTP/TFTP server filename Command /cfg/gtcfg FTP/TFTP server filenameCommand /oper/port port number Command /operOperations-level port options Following table describes the Operations Menu optionsRmon disableenable Command /oper/port port number/8021xOperations-level port 802.1X options Vrrp Operations Menu Back Set virtual router to backup Command /oper/vrrpOperations-level Vrrp options Downloading new software to the switch Updating the switch software imageCommand /boot Enter the hostname or IP address of the FTP or Tftp server Enter the password for the FTP server if promptedEnter the name of the new software file on the server Enter the port type to use for the file transferSelecting a software image to run Uploading a software image from the switchNew choice System prompts you for information. Enter the desired imageResetting the switch Selecting a configuration blockBoot Options# conf Boot Options# resetBoot Options# mode iscli Accessing the IscliSwitch# boot cli-mode aos Command /maint Maintenance MenuCommand /maint/sys System maintenance optionsSystem Maintenance Menu Flags Set Nvram flag word Flags new Nvram flags word asCommand /maint/debug Command /maint/fdbForwarding Database options Debugging optionsARP cache options Command /maint/arpMP trace buffer at 132815 Fri May 25, 2002 mask 0x2ffdf748 Command /maint/igmp Command /maint/routeIP Route Manipulation options Igmp Multicast Group optionsCommand /maint/igmp/mrouter Command /maint/igmp/snoopIgmp Snooping options Igmp Mrouter optionsFTP/TFTP system dump put Uuencode flash dumpClearing dump information Command /maint/panic Panic commandEnter y to confirm the command Unscheduled system dumpsIndex Page Rmon Snmp Vrrp