Introduction to SNMP v3
SNMP version 3 (SNMP V3) is designed to provide security enhancement to the SNMP protocol by adding authentication and encryption. Unlike in version 1, where identification was performed by community name, sent in clear text in the SNMP packets, the SNMP version 3 allows the use of advanced mechanisms that garanty a strong level of security. The inconvenient of this, is a more complex configuration on both sides, the agent and the manager, of the SNMP peer communication.
This How to is an example of setting of the SNMP agent located in a Cisco Router and the LoriotPro SNMP manager
SNMP version 3 (SNMPv3) configuration
Description
Telnet to the router/switch
prompt#
Go to the enable mode by specifying the password:
Router>enable
Password:
Router#
Password:
Router#
Go into configuration mode:
Router#configure terminal
Enter configuration commands, one per line. End
with CNTL/Z.
Router(config)#
snmp-server group <Groupname> v3 auth read
<readviewname> access <access-list number or name>
snmp-server group <Groupname> v3 auth
write<readviewname> access <access-list number or name>
snmp-server group <Groupname> v3 auth notify
<readviewname> access <access-list number or name>
snmp-server view <readviewname> mib-2
included
snmp-server user <username>
<Groupname> v3 auth md5 <authentication password>
priv aes 128 <Privacy pass> access <access-list number or name>
for different groups different snmp user
will be required.
No comments:
Post a Comment