Configuring SNMPv3 Management Access
3-47
3
CLI
– Use the
snmp-server user
command to configure a new user name and
assign it to a group.
Configuring Remote SNMPv3 Users
Each SNMPv3 user is defined by a unique name. Users must be configured with a
specific security level and assigned to a group. The SNMPv3 group restricts users to
a specific read and a write view.
To send inform messages to an SNMPv3 user on a remote device, you must first
specify the engine identifier for the SNMP agent on the remote device where the
user resides. The remote engine ID is used to compute the security digest for
authenticating and encrypting packets sent to a user on the remote host. (See
“Specifying Trap Managers and Trap Types” on page 3-41 and “Specifying a
Remote Engine ID” on page 3-44.)
Command Attributes
•
User Name
– The name of user connecting to the SNMP agent. (Range: 1-32
characters)
•
Group Name
– The name of the SNMP group to which the user is assigned.
(Range: 1-32 characters)
•
Engine ID
– The engine identifier for the SNMP agent on the remote device where
the remote user resides. Note that the remote engine identifier must be specified
before you configure a remote user. (See “Specifying a Remote Engine ID” on
page 3-44.)
•
Remote IP
– The Internet address of the remote device where the user resides.
•
Security Model
– The user security model; SNMP v1, v2c or v3. (Default: v1)
•
Security Level
– The security level used for the user:
- noAuthNoPriv – There is no authentication or encryption used in SNMP
communications. (This is the default for SNMPv3.)
- AuthNoPriv – SNMP communications use authentication, but the data is not
encrypted (only available for the SNMPv3 security model).
- AuthPriv – SNMP communications use both authentication and encryption (only
available for the SNMPv3 security model).
•
Authentication
Protocol
– The method used for user authentication. (Options:
MD5, SHA; Default: MD5)
•
Authentication
Password
– A minimum of eight plain text characters is required.
Console(config)#snmp-server user chris group r&d v3 auth md5
greenpeace priv des56 einstien
4-128
Console(config)#exit
Console#show snmp user
4-130
EngineId: 80000034030001f488f5200000
User Name: chris
Authentication Protocol: md5
Privacy Protocol: des56
Storage Type: nonvolatile
Row Status: active
Console#
Summary of Contents for 24/48 10/100 Ports + 2GE
Page 2: ......
Page 4: ...ES3526XA ES3552XA F2 2 6 3 E122006 CS R02 149100005500H...
Page 18: ...Contents xiv...
Page 22: ...Tables xviii...
Page 26: ...Figures xxii...
Page 34: ...Introduction 1 8 1...
Page 44: ...Initial Configuration 2 10 2...
Page 242: ...Configuring the Switch 3 198 3...
Page 498: ...Software Specifications A 4 A...
Page 511: ......
Page 512: ...ES3526XA ES3552XA E122006 CS R02D 149100005500H...