SNMP Configurations
User Guide 867
Configuring SNMP & RMON
2.2.5 Creating SNMP Users (For SNMPv3)
Create SNMP users and add them to the SNMP group. Users in the same group have the
same access rights which are controlled by the read, write and notify views of the group.
Step 1 configure
Enter Global Configuration Mode.
Step 2 Choose a security level for the user and run the corresponding command to create the
user. The security levels from low to high are NoAuthNoPriv, AuthNoPriv, and AuthPriv. The
security level of a user should not be lower than that of the group it belongs to.
To create a user with the security level as NoAuthNoPriv:
snmp-server user
name
{ local | remote }
group-name
[ smode v3 ] slev noAuthNoPriv
name:
Enter the user name with 1 to 16 characters.
local | remote: Choose a user type based on the location of the user. Local indicates that
the user resides on the local SNMP engine (the switch), while remote indicates that the user
resides on the NMS. Before configuring a remote user, you need to set the remote engine ID
first. The remote engine ID and user password are used when computing the authentication
and privacy digests.
group-name:
Enter the name of the group which the user belongs to. Users with the same
Group Name, Security Model and Security Level will be in the same group.
v3
:
Configure the security model for the user. v3 indicates SNMPv3, the most secure model.
noAuthNoPriv: Configure the security level as noAuthNoPriv. For this level, no authentication
algorithm but a user name match is applied to check packets, and no privacy algorithm is
applied to encrypt them.
To create a user with the security level as AuthNoPriv:
snmp-server user
name
{ local | remote }
group-name
[ smode v3 ] slev authNoPriv cmode
{MD5 | SHA } cpwd
confirm-pwd
authNoPriv: Configure the security level as authNoPriv. For this level, an authentication
algorithm is applied to check packets, but no privacy algorithm is applied to encrypt them.
MD5 | SHA:
Choose an authentication algorithm when the security level is set as authNoPriv
or authPriv. SHA authentication mode has a higher security than MD5 mode. By default, the
Authentication Mode is none.
confirm-pwd:
Enter an authentication password with 1 to 16 characters excluding question
mark and space. This password in the configuration file will be displayed in the symmetric
encrypted form.
To create a user with the security as AuthPriv:
snmp-server user
name
{ local | remote }
group-name
[ smode v3 ] slev authPriv cmode
{MD5 | SHA } cpwd
confirm-pwd
emode DES epwd
encrypt-pwd
authPriv: Configure the security level as authPriv. For this level, an authentication algorithm
and a privacy algorithm are applied to check and encrypt packets.
DES:
Configure the privacy mode as DES. The switch will use the DES algorithm to encrypt
the packets. By default, the Privacy Mode is none.
encrypt-pwd:
Enter a privacy password with 1 to 16 characters excluding question mark and
space. This password in the configuration file will be displayed in the symmetric encrypted
form.
To Next Page
Loading...
