configure snmpv3 add access

configure snmpv3 add access [[hex hex_group_name] | group_name] {sec-model [snmpv1 | snmpv2c | usm]} {sec-level [noauth | authnopriv | priv]} {read-view [[hex hex_read_view_name] | read_view_name]} {write-view [[hex hex_write_view_name]] | write_view_name]} {notify-view [[hex hex_notify_view_nam]] | notify_view_name]} {volatile}

Description

Creates (and modifies) a group and its access rights.

Syntax Description

hex_group_name Specifies the group name to add or modify. The value is to be supplied as a colon separated string of hex octets.
group_name Specifies the group name to add or modify. The value is to be supplied in ASCII format.
sec-model Specifies the security model to use.
snmpv1 Specifies the SNMPv1 security model.
snmpv2c Specifies the SNMPv2c security model.
usm Specifies the SNMPv3 User-based Security Model (USM).
sec-level Specifies the security level for the group.
noauth Specifies no authentication (and implies no privacy) for the security level.
authnopriv Specifies authentication and no privacy for the security level.
priv Specifies authentication and privacy for the security level.
read-view Specifies the read view name:hex_read_view_name—Specifies a hex value supplied as a colon separated string of hex octetsread_view_name—Specifies an ASCII value.
write-view Specifies the write view name:hex_write_view_name—Specifies a hex value supplied as a colon separated string of hex octetswrite_view_name—Specifies an ASCII value.
notify-view Specifies the notify view name:hex_notify_view_name—Specifies a hex value supplied as a colon separated string of hex octetsnotify_view_name—Specifies an ASCII value.
volatile Specifies volatile storage.

Default

The default values are:
  • sec-model—USM

  • sec-level—noauth

  • read view name—defaultUserView

  • write view name— “”

  • notify view name—defaultNotifyView

  • non-volatile storage

Usage Guidelines

Use this command to configure access rights for a group. All access groups are created with a unique default context, “”, as that is the only supported context.

Use more than one character when creating unique community strings and access group names.

A number of default groups are already defined. These groups are: admin, initial, v1v2c_ro, v1v2c_rw.
  • The default groups defined are v1v2c_ro for security name v1v2c_ro, v1v2c_rw for security name v1v2c_rw, admin for security name admin, and initial for security names initial, initialmd5, initialsha, initialmd5Priv and initialshaPriv.

  • The default access defined are admin, initial, v1v2c_ro, v1v2c_rw, and v1v2cNotifyGroup.

Example

In the following command, access for the group defaultROGroup is created with all the default values: security model usm, security level noauth, read view defaultUserView, no write view, notify view defaultNotifyView, and storage nonvolatile.

configure snmpv3 add access defaultROGroup

In the following command, access for the group defaultROGroup is created with the values: security model USM, security level authnopriv, read view defaultAdminView, write view defaultAdminView, notify view defaultAdminView, and storage nonvolatile.

configure snmpv3 add access defaultROGroup sec-model usm sec-level authnopriv read-view defaultAdminView write-view defaultAdminView notify-view defaultAdminView

History

This command was first available in ExtremeXOS 10.1.

The hex_read_view_name, hex_write_view_name, and hex_notify_view_name parameters were added in ExtremeXOS 11.0.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.