3 Configuring the Switch

Configuring SNMPv3 Management Access

To configure SNMPv3 management access to the switch, follow these steps:

1.If you want to change the default engine ID, it must be changed first before configuring other parameters.

2.Specify read and write access views for the switch MIB tree.

3.Configure SNMP user groups with the required security model (i.e., SNMP v1, v2c or v3) and security level (i.e., authentication and privacy).

4.Assign SNMP users to groups, along with their specific authentication and privacy passwords.

Setting the Local Engine ID

An SNMPv3 engine is an independent SNMP agent that resides on the switch. This engine protects against message replay, delay, and redirection. The engine ID is also used in combination with user passwords to generate the security keys for authenticating and encrypting SNMPv3 packets.

A local engine ID is automatically generated that is unique to the switch. This is referred to as the default engine ID. If the local engine ID is deleted or changed, all SNMP users will be cleared. You will need to reconfigure all existing users.

A new engine ID can be specified by entering 5 to 32 octets of hexadecimal characters; that is, 9 to 64 hexadecimal characters. If an odd number of hexadecimal characters are specified, a trailing zero is added to the value to fill the octet. For example, entering the value “123456789” results in an engine ID of “1234567890.”

Web – Click SNMP, SNMPv3, Engine ID.

Figure 3-27 Setting an Engine ID

CLI – This example sets an SNMPv3 engine ID.

Console(config)#snmp-server engine-id local 12345abcdef0

4-107

Console(config)#exit

Console#show snmp engine-id4-114

Local SNMP engineID: 12345abcdef0

Local SNMP engineBoots: 1

Console#

3-36

Page 80
Image 80
SMC Networks SMC8150L2 manual Configuring SNMPv3 Management Access, Setting the Local Engine ID