10.
SNMP Server Configuration
MN700004 Rev 01
85
The following command grants access to all conceptual rows in
ipCidrRouteTable
that have
next-hop 192.168.5.1. The destination, mask and the TOS entered in the OID have no match
(the bits of the mask are ‘0’ at these OIDs).
If an Object ID does not match any rule in a view, its access is denied.
device-name
(config)#
snmp-server view v1
1.3.6.1.2.1.4.24.4.0.0.0.0.0.0.0.0.0.192.168.5.1 include FFC01E
Example 3
The following command removes the specified view data. If the optional Object ID is not
supplied, all the data of the view VIEWNAME will be deleted. If the user enters an Object ID
(by name or dot-notation), then only the rule with the view family that matches the Object ID
will be deleted.
device-name
(config)#
no snmp-server view VIEWNAME OID
Example 4
The following example shows how to delete the rule for the
sysUpTime
(1.3.6.1.2.1.1.3) view
family (all other data of
MyView
is preserved):
device-name
(config)#
no snmp-server view
MyView 1.3.6.1.2.1.1.3
Example 5
The following example shows how to delete all data for the view with name
MyView
:
device-name
(config)#
no snmp view MyView
Defining SNMP Groups
The
snmp-server group
command, in Global Configuration mode, creates an SNMP group
with a specified security model (v1, v2c or v3), and defines the access-right for this group by
associating views to this group. If the security model is v3, you can specify the security level
–
noAuth
,
Auth
or
AuthPriv
. The
no
form of the command deletes the SNMP group data. If
you specify only the group name, all groups with that name will be removed, regardless of
their security model and security level. If the security model and security level (if the model is
v3) are specified, only the group matching all conditions is removed.
The Groups define the views that enable access for reading, writing, and notification. In
SNMPv3, a user can participate in more than one group, provided that each group has a
different security model. When a SNMPv3 PDU is received, it carries information about the
user and the security model. The local configured group in which the user participates and the
security model are defined by the information in the PDU.
Command Syntax
device-name
(config)#
snmp-server group
NAME
{
v1
|
v2c
}
read
READ-VIEW
write
WRITE-VIEW
notify
NOTIFY-VIEW
device-name
(config)#
no
snmp-server group
NAME
[
v1
|
v2c
]
device-name
(config)#
snmp-server group
NAME
v3
{
auth
|
noauth
|
priv
}
read
READ-VIEW
write
WRITE-VIEW
notify
NOTIFY-VIEW
device-name
(config)#
no
snmp-server group
NAME
[
v3
{
auth
|
noauth
|
priv
}]