Configuring SNMP
358 Administration for the Avaya G250 and Avaya G350 Media Gateways
Users
SNMPv3 uses the User-based Security Model (USM) for security, and the View-based Access
Control Model (VACM) for access control. USM uses the HMAC-MD5-96 and HMAC-SHA-96
protocols for user authentication, and the CBC-DES56 protocol for encryption or privacy.
An unlimited number of users can access SNMPv3 at the same time.
SNMP security levels
●
NoAuthNoPriv
. This is the lowest level of SNMPv3 security. No MAC is provided with the
message, and no encryption is performed. This method maintains the same security level
as SNMPv1, but provides a method for limiting the access rights of the user.
●
AuthNoPriv
. User authentication is performed based on MD5 or SHA algorithms. The
message is sent with an HMAC that is calculated with the user key. The data part is sent
unencrypted.
●
AuthPriv
. User authentication is performed based on MD5 or SHA algorithms. The
message is sent in encrypted MAC that is calculated with the user key, and the data part is
sent with DES56 encryption using the user key.
SNMP-server user command
Use the
snmp-server user
command to create a user or to change the parameters of an
existing user. This command includes the following parameters:
●
A user name for the user
●
The name of the SNMP group with which to associate the user
●
The SNMP version functionality that the user is authorized to use. Possible values are:
v1
(SNMPv1),
v2c
(SNMPv2c), and
v3
(SNMPv3).
●
For an SNMPv3 user, which authentication protocol to use, if any. Possible values are:
md5
(HMAC MD5), and
sha
(HMAC SHA-1). If you specify an authentication protocol, you
must also configure an authentication password for the user. The authentication password
is transformed using the authentication protocol and the SNMP engine ID to create an
authentication key.
●
For an SNMPv3 user, whether or not to use the DES privacy protocol, and the user’s
privacy password if you enable DES privacy
Use the
no
form of the
snmp-server user
command to remove a user and its mapping to a
specified group. If you do not specify a group, the
no
form of the
snmp-server user
command removes the user from all groups.
Summary of Contents for Media Gateway G250
Page 1: ...Administration for the Avaya G250 and Avaya G350 Media Gateways 03 300436 Issue 5 June 2008 ...
Page 24: ...Contents 24 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 32: ...Introduction 32 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 38: ...Configuration overview 38 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 244: ...Configuring logging 244 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 258: ...Configuring VoIP QoS 258 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 370: ...Configuring SNMP 370 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 548: ...Configuring the router 548 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 664: ...Configuring policy 664 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 686: ...Setting synchronization 686 Administration for the Avaya G250 and Avaya G350 Media Gateways ...