2-57
Controlling Management Access to the ProCurve Secure Router
Using SNMP to Manage the ProCurve Secure Router
Table 2-11. Configuration Options for snmp-server group Command
If no views are specified, the ProCurve Secure Router automatically assigns
default read and notify views that have no restrictions.
For example, suppose you want to define the Admins group with the following
characteristics:
■ uses the SNMP version 3 security model with authentication
■ does not use an ACL
■ uses the default read-write and notify view entries (no restrictions)
To create this group, you would enter:
ProCurve(config)# snmp-server group Admins v3 auth
You might want to set up a different group with more limited access. You could
assign this group a read-view entry named view1 and a write-view entry named
view2 (that is, users in the group would have read privileges for the objects
defined in view1 and write privileges for the objects defined in view2). You
would enter:
ProCurve(config)# snmp-server group LimitedAccess v3 auth read view1 write view2
Option Meaning
<groupname> Specifies the name of the SNMP group. The name can be a
maximum of 31 characters.
v1 | v2c | v3 Specifies the SNMP security model version. If the version is
not specified, version 1 is used.
auth | noauth | priv Specifies a security level for SNMP v3:
• The auth option requires authentication.
• The noauth option does not require authentication or
encryption.
• The priv option requires both authentication and
encryption.
read <viewname> Specifies the read view to which the SNMP group has rights.
write <viewname> Specifies the write view to which the SNMP group has rights.
The group can then view and modify information in this view.
notify <viewname> Specifies the notify view to which the SNMP group has
rights.
access <listname> Specifies a standard ACL to control which SNMP server or
console group members can use to access SNMP
information on the ProCurve Secure Router.
To Next Page
Loading...
Need help?
General
