2-52
Controlling Management Access to the ProCurve Secure Router
Using SNMP to Manage the ProCurve Secure Router
Specifying the Engine ID for a Remote Server
When you configure a username to grant a user access to the ProCurve Secure
Router, you can specify that the user’s account is stored on a remote server.
(See “Configure SNMP Users” on page 2-58.) In this case, you must first specify
the remote server’s engine ID. Enter this command from the global
configuration mode context:
Syntax: snmp-server engineID remote <IP address> <hex string>
Replace <hex string> with 24 hexadecimal characters.
Configuring SNMP Views
In SNMP, the network devices to be monitored are configured as views. A view
consists of one or more network objects that can monitored. When you
configure a view, you specify included or excluded objects. If an object is not
specified in the view, it is excluded by default. A given object can be included
in or excluded from any number of views, as needed.
An object is identified by its OID in the network’s MIB. The OID is a hierarchal
string of numbers—for example, 1.4.6.2.8 would identify a specific subtree,
and 1.4.6.2.8.* would identify an entire subtree family.
Management access to a view is controlled in two ways:
■ Community strings—The community string serves as a password that
SNMP users must provide in order to manage the objects in a view. When
you create a community string, you specify the view that the community
string applies to. (See “Configuring SNMP Traps and Informs” on page
2-60.)
■ Group membership—When you create an SNMP group, you specify one
or more views that the group (and its member users) has access to. (See
“Create an SNMP Group” on page 2-56.)
When you assign views to a group, you can specify each view as one of three
types:
■ Read view—allows the group members to read (monitor) event notifica-
tions received from the network devices within the view
■ Write view—allows the group members to write to (perform management
functions for) network devices within the view
■ Notify view—allows you to configure notify, inform, or trap event notifi-
cations for devices within the view
To Next Page
Loading...
Need help?
General
