Sample snmpv3 access control – ADC CUDA 3 User Manual

Cuda 12000 IP Access Switch CLI-based Administration Guide

Sample SNMP Configurations

199

To configure the “admincon” community, the administrator issues the
following commands:

cli:192.168.208.3:root# snmp-server view allaccess 1.3.6.1 included

cli:192.168.208.3:root# snmp-server group admingroup v1 read allaccess write

allaccess

cli:192.168.208.3:root# snmp-server group admingroup v2 read allaccess write

allaccess

cli:192.168.208.3:root# snmp-server community admincon admingroup address

100.100.0.0 mask 255.255.0.0

To configure the “justme” community, the administrator issues the following
commands:

cli:192.168.208.3:root# snmp-server community justme admingroup address 100.100.10.5

cli:192.168.208.3:root# snmp-server community justme admingroup address 100.100.10.8

Notice that the administrator does not have to specify a view or a group. The
administrator uses the view and group created during configuration of the
“admincon” community.

Sample SNMPv3 Access Control

To configure SNMPv3 community access control, you must:

1. Configure SNMP Access Views.

2. Configure SNMP Groups.

3. Configure SNMPv3 Users and Contexts.

First, the administrator creates:

■

A view that includes access to most of the MIB and a view that excludes
access from sensitive configuration information.

■

A group that configures the user for the default security model
“noauth.”

■

An SNMPv3 user called “mgr.”

■

A context called “monitor” that allows the user read-only access to the
entire MIB, except for sensitive SNMP configuration information.