SNMPv3 Configuration shows how to complete a basic SNMPv3 configuration.
.
Step | Task | Command(s) |
---|---|---|
1 | Create an SNMPv3 user and specify authentication, encryption, and security credentials.
|
set snmp user user [remote remoteid] [authentication {md5 | sha}] [authpassword] [privacy privpassword] |
2 | Create a user group and add the user created in Step 1.
|
set snmp group groupname user user security-model usm [volatile | nonvolatile] |
3 | Set security access rights for the group.
|
set snmp access groupname security-model usm [noauthentication | authentication | privacy] [context context] [exact | prefix] [read readviewname] [write writeviewname] [notify notifyviewname] [volatile | nonvolatile] |
4 | Define views created in Step 3.
|
set snmp view viewname viewname subtree subtree [mask mask] [included | excluded] [volatile | nonvolatile] |
5 | Set SNMP target parameters.
|
set snmp targetparams paramset_name user user security-model usm message-processing v3 [noauthentication | authentication | privacy] [volatile | nonvolatile] |
6 | Set the SNMP target address for notification message generation.
|
set snmp targetaddr targetaddr_name ipaddr param paramset_name [udpport udpport] [mask mask] [timeout timeout] [retries retries] [taglist taglist] [volatile | nonvolatile] |
7 | Set SNMP notification parameters.
|
set snmp notify notify tag tag [trap | inform] [volatile | nonvolatile] |
The following example is an S- K- and 7100-Series device configuration using the steps in SNMPv3 Configuration. It shows how to:
System(su)->set snmp user Extremenetworks_user authentication md5 my_authentication privacy my_privacy System(su)->set snmp group Extremenetworks user Extremenetworks_user security-model usm System(su)->set snmp access Extremenetworks security-model usm privacy read readView write writeView System(su)->set snmp view viewname readView subtree 1 System(su)-> set snmp view viewname writeView subtree 1 System(su)-> set snmp view viewname writeView subtree 1.3.6.1.4.1.5624.1.2.16 excluded System(su)-> set snmp targetparams matrixn user Extremenetworks_user security-model usm message-processing v3 System(su)-> set snmp targetaddr Extreme_Networks 172.29.10.1 param matrixn taglist v3TrapTag System(su)->set snmp notify SNMPv3TrapGen tag v3TrapTag inform
How SNMP Will Process This Configuration
As described in How SNMP Processes a Notification Configuration, if the SNMP agent on the device needs to send an inform message, it looks to see if there is a notification entry that says what to do with inform messages. Then, it looks to see if the tag list (v3TrapTag) specified in the notification entry exists. If it exists, then the inform message is sent to the target addresses specified by the tag list, (Extreme_Networks) using the parameters specified for each address (matrixn).