Configuring SNMP
12-10 Configuring SNMP
enterasys(su)->set snmp view viewname RW subtree 0.0
enterasys(su)->set snmp view viewname RW subtree 1.3.6.1.6.3.13.1 excluded
enterasys(su)->set snmp targetparams TVv1public user public security-model v1
message processing v1
enterasys(su)->set snmp targetaddr TVTrap 10.42.1.10 param TVv1public taglist
TVTrapTag
enterasys(su)->set snmp notify TVTrap tag TVTrapTag
Adding to or Modifying the Default Configuration
By default, SNMPv1 is configured on Enterasys switches. A single community name - public - is
configured, which grants read-write access to the whole MIB tree for both SNMPv1 and
SNMPv2c.
The beginning command sequence in the default configuration is similar to the first part of the
previous example. It looks like this:
enterasys(su)->set snmp community public
enterasys(su)->set snmp group groupRW user public security-model v1
enterasys(su)->set snmp access groupRW security-model v1 read All write All notify
All
enterasys(su)->set snmp view viewname All subtree 1
You can modify this default configuration as shown in the following examples.
Adding a New Community Name
Use these commands to add a new SNMPv1 community name called newname with the same
permissions as the default configuration:
enterasys(su)->set snmp community newname
enterasys(su)->set snmp group groupRW user newname security-model v1
Use this command to remove the public community name from the default configuration:
enterasys(su)->clear snmp community public
Refer to “Configuring Secure SNMP Community Names” on page 12-15 for a description of a
recommended configuration that will prevent unsecured access to SNMP information.
Configuring SNMPv3
Procedure 12-2 shows how to complete a basic SNMPv3 configuration. For additional
configuration information, refer to:
•“Configuring an SNMPv3 Inform or Trap Engine ID” on page 12-13
•“Configuring an SNMP View” on page 12-14
•“Configuring Secure SNMP Community Names” on page 12-15
Note: Any use of the parameter 'All' must be exactly as shown in this example. Any other variation
(including, but not limited to, values such as 'all' or 'ALL') will not be valid.
Note: You can leave the set snmp group groupRW user public security-model v1 statement in
the default configuration in case you want to re-activate the public community name at some point,
or can clear it as well.
To Next Page
Loading...
Need help?
General