Snmpv3 trap host configuration, Securing access to the switch – Juniper Networks EX2500 User Manual

Page 24

Advertising
background image

EX2500 Ethernet Switch Configuration Guide

10

„

Securing Access to the Switch

SNMPv3 Trap Host Configuration

To configure a user for SNMPv3 traps, you can choose to send the traps with both
privacy and authentication, with authentication only, or without privacy or
authentication.

This is configured in the access table with the following commands:

ex2500(config)# snmp-server access <1-32> level
ex2500(config)# snmp-server target-parameters <1-16>

Configure the user in the user table accordingly.

It is not necessary to configure the community table for SNMPv3 traps because the
community string is not used by SNMPv3.

The following example shows how to configure a SNMPv3 user v3trap with
authentication only:

ex2500(config)# snmp-server user 11 name v3trap
ex2500(config)# snmp-server user 11 authentication-protocol md5
authentication-password

Changing authentication password; validation required:
Enter current admin password: <admin. password>
Enter new authentication password: <auth. password>
Re-enter new authentication password: <auth. password>
New authentication password accepted.
ex2500(config)# snmp-server access 11 notify-view iso
ex2500(config)# snmp-server access 11 level authnopriv
ex2500(config)# snmp-server group 11 user-name v3trap
ex2500(config)# snmp-server group 11 tag v3trap
ex2500(config)# snmp-server notify 11 name v3trap
ex2500(config)# snmp-server notify 11 tag v3trap
ex2500(config)# snmp-server target-address 11 name v3trap address 47.81.25.66
ex2500(config)# snmp-server target-address 11 taglist v3trap
ex2500(config)# snmp-server target-address 11 parameters-name v3param
ex2500(config)# snmp-server target-parameters 11 name v3param
ex2500(config)# snmp-server target-parameters 11 user-name v3trap
ex2500(config)# snmp-server target-parameters 11 level authNoPriv

Securing Access to the Switch

Secure switch management is needed for environments that perform significant
management functions across the Internet. Common functions for secured
management are described in the following sections:

„

RADIUS Authentication and Authorization on page 11

„

TACACS+ Authentication on page 14

„

End User Access Control on page 19

Advertising
Popular Brands
Popular manuals