Simple Network Management Protocol 3

Specifying a Remote Engine ID

To send inform messages to an SNMPv3 user on a remote device, you must first specify the engine identifier for the SNMP agent on the remote device where the user resides. The remote engine ID is used to compute the security digest for authenticating and encrypting packets sent to a user on the remote host.

SNMP passwords are localized using the engine ID of the authoritative agent. For informs, the authoritative SNMP agent is the remote agent. You therefore need to configure the remote agent’s SNMP engine ID before you can send proxy requests or informs to it.

A new engine ID can be specified by entering 5 to 32 octets of hexadecimal characters; that is, 9 to 64 hexadecimal characters. If an odd number of hexadecimal characters are specified, a trailing zero is added to the value to fill the octet. For example, entering the value “123456789” results in an engine ID of “1234567890.”

Web – Click SNMP, SNMPv3, Remote Engine ID.

Figure 3-28 Setting a Remote Engine ID

CLI – This example specifies a remote SNMPv3 engine ID.

Console(config)#snmp-server engineID remote 54321fedcba0 192.168.1.19

4-107

Console(config)#exit

 

Console#show snmp engine-id

4-107

Local SNMP engineID: 83010000030000352810030000

Local SNMP engineBoots: 1

Remote SNMP engineID: 54321fedcba0 IP address 192.168.1.25

Console#

Configuring SNMPv3 Users

Each SNMPv3 user is defined by a unique name. Users must be configured with a specific security level and assigned to a group. The SNMPv3 group restricts users to a specific read, write, and notify view.

Command Attributes

User Name – The name of user connecting to the SNMP agent. (Range: 1-32 characters)

Group Name – The name of the SNMP group to which the user is assigned. (Range: 1-32 characters)

Model – The user security model; SNMP v1, v2c or v3.

3-37

Page 81
Image 81
SMC Networks SMC8150L2 manual Specifying a Remote Engine ID, Configuring SNMPv3 Users