SNMPv3 User Security Model configuration

Command: /cfg/sys/ssnmp/snmpv3/usm <usm number>

[SNMPv3 usmUser

1 Menu]

name

-

Set USM user name

auth

-

Set authentication protocol

authpw

-

Set authentication password

priv

-

Set privacy protocol

privpw

-

Set privacy password

del

-

Delete usmUser entry

cur

-

Display current usmUser configuration

 

 

 

You can make use of a defined set of user identities using this Security Model. An SNMP engine must have the knowledge of applicable attributes of a user.

This menu helps you create a user security model entry for an authorized user. You need to provide a security name to create the USM entry.

The following table describes the User Security Model Configuration Menu options.

Table 66 User Security Model Configuration Menu options

Command

Description

name <1-32

Configures a string up to 32 characters long that represents the name of the user. This is

characters>

the login name that you need in order to access the switch.

auth md5shanone

Configures the authentication protocol between HMAC-MD5-96 or HMAC-SHA-96. The

 

default algorithm except usmUser 1-2 is none.

authpw

Configures your password for authentication. If you selected an authentication algorithm

 

using the above command, you need to provide a password; otherwise you will get an

 

error message during validation.

priv desnone

Configures the type of privacy protocol on the switch. The privacy protocol protects

 

messages from disclosure. The options are des (CBC-DES Symmetric Encryption

 

Protocol) or none. If you specify des as the privacy protocol, then be sure that you have

 

selected one of the authentication protocols (MD5 or HMAC-SHA-96). If you select none

 

as the authentication protocol, you will get an error message.

privpw

Configures the privacy password.

del

Deletes the USM user entries.

cur

Displays the USM user entries.

SNMPv3 View configuration

Command: /cfg/sys/ssnmp/snmpv3/view <view number>

[SNMPv3 vacmViewTreeFamily 1 Menu]

name

- Set view name

tree

- Set MIB subtree(OID) which defines a family of view subtrees

mask

- Set view mask

type

- Set view type

del

- Delete vacmViewTreeFamily entry

cur

- Display current vacmViewTreeFamily configuration

The following table describes the SNMPv3 View Configuration Menu options.

Table 67 SNMPv3 View Configuration Menu options

Command

Description

 

name <1-32 characters>

Defines the name for a family of view subtrees up to a maximum of 32

 

characters.

 

tree <1-64 characters>

Defines the Object Identifier (OID), a string of maximum 64 characters,

 

which when combined with the corresponding mask defines a family of view

 

subtrees.

 

An example of an OID is 1.3.6.1.2.1.1.1.0

 

mask <1-32 characters>

Defines the bit mask, which in combination with the corresponding tree

 

defines a family of view subtrees. The mask can have a maximum of 32

 

characters.

 

type includedexcluded

Selects whether the corresponding instances of

 

vacmViewTreeFamilySubtree and

 

vacmViewTreeFamilyMask define a family of view subtrees, which is

 

included in or excluded from the MIB view.

 

 

Command Line Interface 70