Configuring SNMPv3 Management Access
5-7
5
Configuring SNMPv3 Management Access
To configure SNMPv3 management access to the switch, follow these steps:
1. If you want to change the default engine ID, do so before configuring other
SNMP parameters.
2. Specify read and write access views for the switch MIB tree.
3. Configure SNMP user groups with the required security model (i.e., SNMP v1,
v2c or v3) and security level (i.e., authentication and privacy).
4. Assign SNMP users to groups, along with their specific authentication and
privacy passwords.
Setting a Local Engine ID
An SNMPv3 engine is an independent SNMP agent that resides on the switch. This
engine protects against message replay, delay, and redirection. The engine ID is
also used in combination with user passwords to generate the security keys for
authenticating and encrypting SNMPv3 packets.
A local engine ID is automatically generated that is unique to the switch. This is
referred to as the default engine ID. If the local engineID is deleted or changed, all
SNMP users will be cleared. You will need to reconfigure all existing users.
A new engine ID can be specified by entering 9 to 64 hexadecimal characters. If an
odd number of characters are specified, a trailing zero is added to the value to fill in
the missing octet. For example, the value “123456789” is equivalent to
“1234567890”.
Web
– Click SNMP, SNMPv3, Engine ID. Enter an ID of up to 64 hexadecimal
characters and then click Save.
Figure 5-4 Setting the SNMPv3 Engine ID
CLI
– This example sets an SNMPv3 engine ID.
Console(config)#snmp-server engine-id local 12345abcdef
24-8
Console(config)#exit
Console#show snmp engine-id
24-9
Local SNMP engineID: 8000002a8000000000e8666672
Local SNMP engineBoots: 1
Console#
Summary of Contents for 8926EM
Page 6: ...ii ...
Page 34: ...Getting Started ...
Page 44: ...Introduction 1 10 1 ...
Page 62: ...Initial Configuration 2 18 2 ...
Page 64: ...Switch Management ...
Page 76: ...Configuring the Switch 3 12 3 ...
Page 118: ...Basic Management Tasks 4 42 4 ...
Page 164: ...User Authentication 6 28 6 ...
Page 176: ...Access Control Lists 7 12 7 ...
Page 284: ...Quality of Service 14 8 14 ...
Page 294: ...Multicast Filtering 15 10 15 ...
Page 300: ...Domain Name Service 16 6 16 ...
Page 310: ...Dynamic Host Configuration Protocol 17 10 17 ...
Page 320: ...Configuring Router Redundancy 18 10 18 ...
Page 344: ...IP Routing 19 24 19 ...
Page 356: ...Unicast Routing 20 12 20 Web Click Routing Protocol RIP Statistics Figure 20 5 RIP Statistics ...
Page 386: ...Unicast Routing 20 42 20 ...
Page 388: ...Command Line Interface ...
Page 400: ...Overview of the Command Line Interface 21 12 21 ...
Page 466: ...SNMP Commands 24 16 24 ...
Page 520: ...Access Control List Commands 26 18 26 ...
Page 546: ...Rate Limit Commands 30 2 30 ...
Page 612: ...VLAN Commands 34 24 34 ...
Page 626: ...Class of Service Commands 35 14 35 ...
Page 670: ...DHCP Commands 39 16 39 ...
Page 716: ...IP Interface Commands 41 36 41 ...
Page 768: ...IP Routing Commands 42 52 42 ...
Page 770: ...Appendices ...
Page 791: ......