190 
v2c: Specifies SNMPv2c. 
user-name: Specifies an SNMP username, a case-sensitive string of 1 to 32 characters. 
group-name: Specifies an SNMPv1 or SNMPv2c group name, a case-sensitive string of 1 to 32 
characters. The group can be one that has been created or not. The user takes effect only after you 
create the group. 
acl: Specifies a basic or advanced IPv4 ACL for the user. 
ipv4-acl-number: Specifies a basic or advanced IPv4 ACL by its number. The basic IPv4 ACL 
number is in the range of 2000 to 2999. The advanced IPv4 ACL number is in the range of 3000 to 
3999. 
name ipv4-acl-name: Specifies a basic or advanced IPv4 ACL by its name, a case-insensitive string 
of 1 to 63 characters. 
acl ipv6: Specifies a basic or advanced IPv6 ACL for the user. 
ipv6-acl-number: Specifies a basic or advanced IPv6 ACL by its number. The basic IPv6 ACL 
number is in the range of 2000 to 2999. The advanced IPv6 ACL number is in the range of 3000 to 
3999. 
name ipv6-acl-name: Specifies a basic or advanced IPv6 ACL by its name, a case-insensitive string 
of 1 to 63 characters. 
Usage guidelines 
This command is not available in FIPS mode. 
Only users with the network-admin or level-15 user role can execute this command. Users with other 
user roles cannot execute this command even if these roles are granted access to commands of the 
SNMP feature or this command. 
On an SNMPv1 or SNMPv2c network, NMSs and agents authenticate each other by using the 
community name. On an SNMPv3 network, NMSs and agents authenticate each other by using the 
username. 
You can create an SNMPv1 or SNMPv2c community by using either of the following ways: 
•  Execute the snmp-agent community command. 
•  Execute the snmp-agent usm-user { v1 | v2c } and snmp-agent group { v1 | v2c } commands 
to create an SNMPv1 or SNMPv2c user and the group that the user is assigned to. The system 
automatically creates an SNMP community by using the SNMPv1 or SNMPv2c username.  
You can specify an ACL for the user and group, respectively, to filter illegitimate NMSs. Only the 
NMSs permitted by the ACLs for both the user and group can access the SNMP agent. The following 
rules apply to the ACLs for the user and group: 
•  If you do not specify an ACL, the specified ACL does not exist, or the specified ACL does not 
have any rules, all NMSs that use the username can access the SNMP agent. 
•  If you have specified an ACL and the ACL has rules, only the NMSs permitted by the ACL can 
access the agent. 
For more information about ACL, see ACL and QoS Configuration Guide. 
Examples 
# Add the user userv2c to the SNMPv2c group readCom so an NMS can use the protocol SNMPv2c 
and the read-only community name userv2c to access the device. 
<Sysname> system-view 
[Sysname] snmp-agent sys-info version v2c 
[Sysname] snmp-agent group v2c readCom 
[Sysname] snmp-agent usm-user v2c userv2c readCom 
# Add the user userv2c in the SNMPv2c group readCom so only the NMS at 1.1.1.1 can use the 
protocol SNMPv2c and read-only community name userv2c to access the device.