Manualshelf

User guide

ManualsBrandsAllied Telesis ManualsComputer equipmentAT-iMG634 - R2
121122123124125126127128129130
SNMP Additional configuration for SNMPv3 agent enti-
iMG/RG Software Reference Manual (System Configuration)
1-92
request message from this user (originating from another SNMP entity) can be received if the message was sent
using no security or using MD5 authentication. The SNMP agent can send Trap messages to this user using no
security or using MD5 authentication.
usmUserEntry localSnmpID myV3AuthNoPrivUser usmHMACMD5AuthProtocol
usmNoPrivProtocol nonVolatile whereValidRequestsOriginate
myV3UserAuthPassword
1.6.1.5.5 Configuration for no authentication
The following usmUserEntry configures an SNMP agent engine with information about an SNMPv3 user
whose name is “myV3NoAuthNoPrivUser”. This user does not have an authentication password, so the last
field contains a dash (-). An SNMP request message from this user (originating from another SNMP entity) can
be received if the message was sent using no security.
The SNMP agent can send Trap messages to this user using no security.
usmUserEntry localSnmpID myV3NoAuthNoPrivUser usmNoAuthProtocol usm-
NoPrivProtocol nonVolatile whereValidRequestsOriginate –
1.6.2 Additional configuration for SNMPv3 agent entities
Certain SNMP applications (which are normally associated with an SNMP entity acting in the "agent” role)
require more information in addition to the information about SNMPv3 users.
1.6.2.1 Configuring view-based access control
Configuration of view-based access control must be provided for the SNMP engine to correctly process
SNMPv1, SNMPv2c, or SNMPv3 messages. Configuring view-based access control is a process that requires
three steps:
Define a family of view subtrees.
Define a group and its associated access rights.
Assign an SNMPv3 user (or SNMPv1 community string, etc.) to the group defined in step2.
The following sections describe each step of this process in more detail.
1.6.2.2 Defining families of view subtrees
To configure an view tree family, add an vacmViewTreeFamily definition in the snmpd.cnf file accord-
ingly the following syntax:
vacmViewTreeFamily <vacmViewTreeFamilyViewName> <vacmViewTreeFam-
ilySubtree> <vacmViewTreeFamilyMask> <vacmViewTreeFamilyType> <vacm-
ViewTreeFamilyStorageType>