Configuring snmp groups and users – Cisco 15327 User Manual
Page 375
22-9
Ethernet Card Software Feature and Configuration Guide, R7.2
Chapter 22 Configuring SNMP
Configuring SNMP Groups and Users
This example shows how to assign the string comaccess to SNMP, to allow read-only access, and to
specify that IP access list 4 can use the community string to gain access to the ML-Series card SNMP
agent:
ML_Series(config)# snmp-server community comaccess ro 4
Configuring SNMP Groups and Users
You can specify an identification name (engine ID) for the local or remote SNMP server engine on the
ML-Series card. You can configure an SNMP server group that maps SNMP users to SNMP views, and
you can add new users to the SNMP group.
Beginning in privileged EXEC mode, follow these steps to configure SNMP on the ML-Series card:
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
snmp-server engineID {local
engineid-string | remote ip-address
[udp-port port-number]}
Configure a name for either the local or remote copy of SNMP.
•
The engineid-string is a 24-character ID string with the name of
the copy of SNMP.
•
If you select remote, specify the ip-address of the device that
contains the remote copy of SNMP and the optional UDP port on
the remote device. The UDP port default is 162.
Step 3
snmp-server group groupname {v1 | v2c
[auth | noauth | priv]} [read readview]
[write writeview] [notify notifyview]
[access access-list]
Configure a new SNMP group on the remote device.
•
For groupname, specify the name of the group.
•
Specify a security model:
–
v1 is the less secure model.
–
v2c is the more secure model. It allows transmission of
inform requests and integers that are twice the normal width.
Note
The priv keyword is available only when the crypto software
image is installed.
•
(Optional) Enter read readview with a string (not to exceed
64 characters) that is the name of the view in which you can only
view the contents of the agent.
•
(Optional) Enter write writeview with a string (not to exceed
64 characters) that is the name of the view in which you can enter
data and configure the contents of the agent.
•
(Optional) Enter notify notifyview with a string (not to exceed
64 characters) that is the name of the view in which you can
specify a notify, inform request, or trap.
•
(Optional) Enter access access-list with a string (not to exceed
64 characters) that is the name of the access list.