set snmp access

Use this command to set an SNMP access configuration.

Syntax

set snmp access groupname security-model {v1 | v2c | usm} [noauthentication | authentication | privacy] [context context] [exact | prefix] [read read] [write write] [notify notify] [volatile | nonvolatile]

Parameters

groupname Specifies a name for an SNMPv3 group.
security-model v1 | v2c | usm Specifies SNMP version 1, 2c or 3 (usm).
noauthentication | authentication | privacy (Optional) Applies SNMP security level as no authentication, authentication (without privacy) or privacy. Privacy specifies that messages sent on behalf of the user are protected from disclosure.
context context exact | prefix (Optional) Sets the context for this access configuration and specifies that the match must be exact (matching the whole context string) or a prefix match only. Context is a subset of management information this SNMP group will be allowed to access. Valid values are full or partial MIB object context names and router for the module operating in router mode. To review all contexts configured for the device, use the show snmp context command.
Note: Beginning with Release 6.0, do not specify the routing module ID as part of the context. You must specify router for the system designated router mode module.
read read (Optional) Specifies a read access view.
write write (Optional) Specifies a write access view.
notify notify (Optional) Specifies a notify access view.
volatile | nonvolatile | read-only (Optional) Stores associated SNMP entries as temporary or permanent, or read-only.

Defaults

  • If security level is not specified, no authentication will be applied.
  • If context is not specified, access will be enabled for the default context. If context is specified without a context match, exact match will be applied.
  • If read view is not specified none will be applied.
  • If write view is not specified, none will be applied.
  • If notify view is not specified, none will be applied.
  • If storage type is not specified, entries will be stored as permanent and will be held through device reboot.

Mode

All command modes.

Usage

In C2 security mode, you can not create, delete, or modify SNMP access while in Read-Write user mode.

Examples

This example permits the “powergroup” to manage all MIBs via SNMPv3:

System(rw)->set snmp access powergroup security-model usm

This example grants the “powergroup” SNMPv3 management access from all router modules when operating in router mode:

System(rw)->set snmp access powergroup security-model usm context router prefix