and encryption, but you can employ them independently by specifying one or the other with your SNMP manager requests. The IPSO system responds accordingly.

Note

Nokia systems do not protect traps with authentication or encryption.

Request Messages

You must configure your SNMP manager to specify the security you want. If you are using a UCD-SNMP/Net-SNMP based manager, here are the security-related options you can use in request messages:

Table 13 Security Related Options Used in Request Messages

Option

Description

-uname

-a MD5

-x DES

-Apassword

-Xpassword

-l [authNoPriv authPriv authPrivReq]

Specifies the user name.

Use MD5 hashing for authentication.

Use DES for encryption.

Specifies the user’s password/passphrase. Use for authentication. The password/passphrase must have at least 8 characters.

Specifies the user’s password/passphrase. Use for encryption. The password/passphrase must have at least 8 characters.

Specifies the security level:

authNoPriv: use authentication only

authPriv: use authentication and encryption is enabled

authPrivReq: use authentication and encryption is required

For example, to send an snmpwalk request from your manager with full protection, you would enter the following command:

snmpwalk -v 3 -u username -a MD5 -A password -x DES -X password -l authPriv system_name OID

For more information about USM, see RFC 3414.

Managing SNMP Users

SNMP users are maintained separately from system users. You can create SNMP user accounts with the same names as existing user accounts or different. You can create SNMP user accounts that have no corresponding system account. When you delete a system user account, you must separately delete the SNMP user account.

Nokia Network Voyager for IPSO 4.0 Reference Guide

263

Page 262 Page 264
Page 263
Image 263
Nokia IPSO 4.0 manual Managing Snmp Users, Security Related Options Used in Request Messages, Option Description
Page 262 Page 264
Top Page Image Contents