3.1.3 SNMP Configuration
Use this command to enable/disable the SNMP server and set Engine ID.
Command Syntax:
snmp-server
snmp-server engine-id local <engineID>Argument | Description | |
Parameter |
| Local engine ID |
Default | N.A | |
Mode | Global Configuration mode | |
Usage | Enable SNMP server and specify engine ID. To disable the SNMP, use the ‘no’ version of the command. | |
Example | Example 1: Enable SNMP. | |
Use this command to trap Destination and Source configuration.
Command Syntax:
snmp-server trap <source_name> [ id <filter_id> ] [ <oid_subtree> { include | exclude } ]Argument | Description | |
Parameter |
| Name of the event. Possible options are: alarmTrapStatus, authenticationFailure, coldStart, entConfigChange, ipTrapGlobalsMain, ipTrapInterfacesLink, linkDown, linkup, lldpRemTablesChange, newRoot, psecTrapGlobalsMain, psecTrapInterfaces, topologyChange, and warmStart. |
| Trap source filter ID | |
| OiD to use as index filter | |
Default | N.A | |
Mode | Global Configuration mode | |
Usage | Configure SNMP source. To delete the entry, use the ‘no’ version of the command. | |
Example | Example 1: Add “Remote SNMP client was trying to access the unit using invalid username/password values” event to the trap source configuration. | |
Use this command to configure the SNMP community table used as part of SNMP group configuration.
Command Syntax:
snmp-server community <v3_comm> [ { ip-range <v_ipv4_addr> <v_ipv4_netmask> | ipv6-range <v_ipv6_subnet> } ] { <v3_sec> | encrypted <v3_sec_enc> }Argument | Description | |
Parameter |
| Community Name to map to the SNMP Groups configuration. String length is 1–32 and valid ASCII characters range 33–126. |
| Indicates SNMP access source address. A range of source addresses can be used to restrict source subnet when combined with source netmask. | |
| Indicates the community secret (access string) to permit access using SNMPv1 and SNMPv2c to the SNMP agent. The allowed string length is 1–32, and the allowed content is ASCII characters from 33–126. | |
Default | N.A | |
Mode | Global Configuration mode | |
Usage | Configure SNMP community. To delete it, use the ‘no’ version of the command. | |
Example | Example 1: Create SNMP community named “c-name” with community secret “secret”. | |
Use this command to configure SNMPv3 user.
Command Syntax:
snmp-server user <username> engine-id <engineID> [ { md5 { <md5_passwd> | { encrypted <md5_passwd_encrypt> } } | sha { <sha_passwd> | { encrypted <sha_passwd_encrypt> } } } [ priv { des | aes } { <priv_passwd> | { encrypted <priv_passwd_encrypt> } } ] ]Argument | Description | |
Parameter |
| User name. String length is 1–32, and the valid ASCII characters range is 33–126. |
| Octet string. Must contain an even number (in hexadecimal format) between 10 and 64 digits. | |
| Authentication protocol MD5. The password length is 8–32 and the valid ASCII characters range is 33–126. | |
| Authentication protocol SHA. The password length is 8–40 and the valid ASCII characters range is 33–126. | |
| Privacy protocol DES or AES | |
| Privacy password. The password length is 8–32 and the valid ASCII characters range is 33–126. | |
Default | N.A | |
Mode | Global Configuration mode | |
Usage | Configure SNMPv3 user. To delete it, use the ‘no’ version of the command. | |
Example | Example 1: Add SNMPv3 user "testuser" with authentication protocol MD5 and password "testpassword". | |
Use this command to configure SNMP group-name based on Security Model and Security name.
Command Syntax:
snmp-server security-to-group model { v1 | v2c | v3 } name <security_name> group <group_name>Argument | Description | |
Parameter |
| The security model to which the entry should belong. |
| One of the security names created in SNMP Community for v1 and v2c or one of the SNMPv3 users. | |
| Group name. String length is 1–32, and the valid ASCII characters range is 33–126. | |
Default | N.A | |
Mode | Global Configuration mode | |
Usage | Configure SNMP group name. To delete it, use the ‘no’ version of the command. | |
Example | Example 1: Configure SNMPv2 security model and group. | |
Use this command to configure which SNMP OiDs must be included/excluded from the entire SNMP OiD tree.
Command Syntax:
snmp-server view <view_name> <.oid_subtree> { include | exclude }Argument | Description | |
Parameter |
| A string identifying the view name that this entry should belong to. The allowed string length is 1–32, and the allowed content is ASCII characters from 33–126. |
| OiD defining the root of the subtree to add to the named view. String length is 1–128. Allowed string content is number or asterisk (*). | |
Default | N.A | |
Mode | Global Configuration mode | |
Usage | Configure SNMP View OiD-range. Use the ‘no’ version of the command to delete it. | |
Example | Example 1: Create an SNMP view OiD-range named “mib-ii” with access to all SNMP OiDs exept for the MIB-II system branch .1.3.6.1.2.1.1. | |
Use this command to configure the SNMP access.
Command Syntax:
snmp-server access <group_name> model { v1 | v2c | v3 | any } level { auth | noauth | priv } [ read <view_name>] [ write <write_name>]Argument | Description | |
Parameter |
| Group name previously configured by security-to-group command. String length is 1–32 and valid ASCII characters range 33–126. |
| Security model the entry should belong to. | |
| Security level.
| |
| Name of the MIB view defining the MIB objects for which this request may read OiD values | |
| Name of the MIB view defining the MIB objects for which this request may set OiD new values | |
Default | N.A | |
Mode | Global Configuration mode | |
Usage | Configure the SNMP group name. To delete it, use the ‘no’ version of the command. | |
Example | Example 1: Configure SNMPv2 access. | |