Defining an snmp user account, Defining an, Snmp user account – Brocade BigIron RX Series Configuration Guide User Manual

Page 1178

Advertising
background image

1100

BigIron RX Series Configuration Guide

53-1002484-04

Configuring your NMS

37

NOTE

If you will be using a view other than the "all" view, that view must be configured before creating the
user group. Refer to

“Defining SNMP views”

on page 1103, especially for details on the include |

exclude parameters.

Defining an SNMP user account

The snmp-server user command does the following:

Creates an SNMP user.

Defines the group to which the user will be associated.

Defines the type of authentication to be used for SNMP access by this user.

Specifies one of the following encryption types used to encrypt the privacy password:

Data Encryption Standard (DES) – A symmetric-key algorithm that uses a 56-bit key.

Advanced Encryption Standard (AES) – The 128-bit encryption standard adopted by the
U.S. government. This standard is a symmetric cipher algorithm chosen by the National
Institute of Standards and Technology (NIST) as the replacement for DES.

Here is an example of how to create the account.

BigIron RX(config)# snmp-server user bob admin123 v3 access 2 auth md5 bobmd5 priv

des bobdes12

The CLI for creating SNMP version 3 users has been updated as follows.

Syntax: [no] snmp-server user <name> <groupname> v3

[ [access <standard-acl-id>]
[ [encrypted] auth md5 <md5-password> | sha <sha-password>
[priv [encrypted] des <des-password> | aes <aes-password-key>] ] ]

The <name> parameter defines the SNMP user name or security name used to access the
management module.

The <groupname> parameter identifies the SNMP group to which this user is associated or
mapped. All users must be mapped to an SNMP group. Groups are defined using the snmp-server
group command.

NOTE

The SNMP group to which the user account will be mapped should be configured before creating the
user accounts; otherwise, the group will be created without any views. Also, ACL groups must be
configured before configuring user accounts.

The v3 parameter is required.

The access <standard-acl-id> parameter is optional. It indicates that incoming SNMP packets are
filtered based on the ACL attached to the user account.

NOTE

The ACL specified in a user account overrides the ACL assigned to the group to which the user is
mapped. If no ACL is entered for the user account, then the ACL configured for the group will be used
to filter packets.

Advertising
Popular Brands
Popular manuals