Enabling SNMP
To enable the SNMP server, use the following command.
snmp-server
■ Use to enable SNMP server operation.
■ Example
host1(config)#snmp-server
■ Use the no version to disable the SNMP server operation.
■ See snmp-server.
Configuring SNMP v1/v2c Community
For SNMPv1/v2c, access to an SNMP server by an SNMP client is governed by a
proprietary SNMP community table that identifies those communities that have
read-only, read-write, or administrative permission to the SNMP MIB stored on a
particular server.
When an SNMP server receives a request, the server extracts the client’s IP address
and the community name. The SNMP community table is searched for a matching
community. If a match is found, its access list name is used to validate the IP address.
If the access list name is null, the IP address is accepted. A nonmatching community
or an invalid IP address results in an SNMP authentication error.
Each entry in the community table identifies:
■ An SNMP community name
■ A user’s privilege level
■ An IP access list
Community Name
The community name acts as a password and is used to authenticate messages sent
between an SNMP client and a router containing an SNMP server. The community
name is sent in every packet between the client and the server.
Privilege Levels
SNMP has three privilege levels:
■ Read-only—Read-only access to the entire MIB except for SNMP configuration
objects
■ Read-write—Read-write access to the entire MIB except for SNMP configuration
objects
■ Admin—Read-write access to the entire MIB
SNMP Configuration Tasks ■ 159
Chapter 4: Configuring SNMP
To Next Page
Loading...