Defining the udp port for snmp v3 traps – Brocade TurboIron 24X Series Configuration Guide User Manual

172

Brocade TurboIron 24X Series Configuration Guide

53-100305301

SNMP version 3 traps

To configure an SNMP user group, first configure SNMP v3 views using the snmp-server view
command.Refer to

“SNMP v3 Configuration examples”

on page 175. Then enter a command such

as the following.

TurboIron(config)#snmp-server group admin v3 auth read all write all

notify all

Syntax: [no] snmp-server group <groupname> v1 | v2 | v3 auth | noauth | priv

[access <standard-ACL-id>] [read <viewstring> | write <viewstring> | notify <viewstring>]

The group <groupname> parameter defines the name of the SNMP group to be created.

The v1, v2, or v3 parameter indicates which version of SNMP to use. In most cases, you will use v3,
since groups are automatically created in SNMP versions 1 and 2 from community strings.

The auth | noauth parameter determines whether or not authentication will be required to access
the supported views. If auth is selected, then only authenticated packets are allowed to access the
view specified for the user group. Selecting noauth means that no authentication is required to
access the specified view. Selecting priv means that an authentication password will be required
from the users.

The access <standard-ACL-id> parameter is optional. It allows incoming SNMP packets to be
filtered based on the standard ACL attached to the group.

The read <viewstring> | write <viewstring> parameter is optional. It indicates that users who
belong to this group have either read or write access to the MIB.

The notify view allows administrators to restrict the scope of varbind objects that will be part of the
notification. All of the varbinds need to be in the included view for the notification to be created.

The <viewstring> variable is the name of the view to which the SNMP group members have access.
If no view is specified, then the group has no access to the MIB.

Defining the UDP port for SNMP v3 traps

The SNMP host command enhancements allow configuration of notifications in SMIv2 format, with
or without encryption, in addition to the previously supported SMIv1 trap format.

You can define a port that receives the SNMP v3 traps by entering a command such as the
following.

TurboIron(config)#snmp-server host 192.168.4.11 version v3 auth security-name

port 1 [no] snmp-server host <ip-addr> | <ipv6-addr> version [ v1 | v2c

<community-string> | v3 auth | noauth | priv <security-name>] [port

<trap-UDP-port-number>]

The <ip-addr> parameter specifies the IP address of the host that will receive the trap.

For version, indicate one of the following

For SNMP version 1, enter v1 and the name of the community string (<community-string>). This
string is encrypted within the system.

NOTE

The options "v2c" and "v3" are new in software release 03.0.00. If the configured version is v2c,
then the notification is sent out in SMIv2 format, using the community string, but in cleartext mode.
To send the SMIv2 notification in SNMPv3 packet format, configure v3 with auth or privacy
parameters, or both, by specifying a security name. The actual authorization and privacy values are
obtained from the security name.