Create Access for a Group

About this task

Create access for a group in the View-based Access Control Model (VACM) table to provide access to managed objects.

Procedure

  1. In the navigation pane, expand Configuration > Edit > SnmpV3.
  2. Select VACM Table.
  3. Select the Group Access Right tab.
  4. Select Insert.
  5. In GroupName, type a VACM group name.
  6. Optional: In ContextPrefix, select a VRF instance.
  7. From the SecurityModel options, select a model.
  8. From the SecurityLevel options, select a security level.
  9. In ContextMatch, select a value to match the context name.
  10. Optional: In ReadViewName, type the name of the MIB view that forms the basis of authorization when reading objects.
  11. Optional: In WriteViewName, type the name of the MIB view that forms the basis of authorization when writing objects.
  12. Optional: In NotifyViewName, type MIB view that forms the basis of authorization for notifications.
  13. Select Insert.

Group Access Right Field Descriptions

Use the data in the following table to use the Group Access Right tab.

Name

Description

GroupName

Specifies the name of the new group in the VACM table. The range is 1–32 characters.

ContextPrefix

Specifies if the contextName must match the value of the instance of this object exactly or partially. The range is an SnmpAdminString, 1–32 characters.

SecurityModel

Specifies the authentication checking to communicate to the switch. The security models are:

  • SNMPv1

  • SNMPv2

  • USM

SecurityLevel

Specifies the minimum level of security required to gain the access rights allowed. The security levels are:

  • noAuthNoPriv

  • authNoPriv

  • authpriv

ContextMatch

Specifies if the prefix and the context name must match. If the value is exact, all rows where the contextName exactly matches vacmAccessContextPrefix are selected. If you do not select exact, all rows where the contextName with starting octets that exactly match vacmAccessContextPrefix are selected.

This default is exact.

ReadViewName

Identifies the MIB view of the SNMP context to which this conceptual row authorizes read access. The default is the empty string.

WriteViewName

Identifies the MIB view of the SNMP context to which this conceptual row authorizes write access. The default is the empty string.

NotifyViewName

Identifies the MIB view of the SNMP context to which this conceptual row authorizes access for notifications. The default is the empty string.