User guide

ManualsBrandsAllied Telesis ManualsComputer equipmentAT-iMG634 - R2

131

132

133

134

135

136

137

138

139

140

SNMP authNoPriv SNMPv3 users

iMG/RG Software Reference Manual (System Configuration)

1-106

To authorize the sending of SNMPv3 noAuthNoPriv Trap messages to a user at exactly one SNMP man-

ager station (one IP address), add the following lines to the snmpd.cnf configuration file together with the

usmUserEntry for the user “myV3NoAuthNoPrivUser”.

vacmAccessEntry myV3NoAuthNoPrivGroup -usm noAuthNoPriv exact - - All

nonVolatile

vacmSecurityToGroupEntry usm myV3NoAuthNoPrivUser

myV3NoAuthNoPrivGroup nonVolatile

vacmViewTreeFamilyEntry All iso -included nonVolatile

snmpNotifyEntry myTrap whereMyNotificationsGo trap nonVolatile

snmpTargetAddrEntry myV3Manager_noAuthNoPrivNotifications snmpUDPDo-

main 192.147.142.35:0 100 3 whereMyNotificationsGo

myV3NoAuthNoPrivParams nonVolatile 1.2.3.4:0 2048

snmpTargetParamsEntry myV3NoAuthNoPrivParams 3 usm

myV3NoAuthNoPrivUser noAuthNoPriv non-Volatile

To configure additional Trap destinations (additional IP addresses where the user is authorized to operate a

management station), add additional snmpTargetAddrEntry entries to the snmpd.cnf configuration file.

For example, to authorize 192.147.142.111 as an additional Trap destination, add the following line to the

snmpd.cnf configuration file.

snmpTargetAddrEntry anotherV3Manager_noAuthNoPrivNotifications snm-

pUDPDomain 192.147.142.111:0 100 3 whereMyNotificationsGo

myV3NoAuthNoPrivParams nonVolatile 1.2.3.4:0 2048

1.6.7 authNoPriv SNMPv3 users

To authorize the receipt of SNMPv3 authNoPriv Get and Set

requests from the user

"myV3AuthNoPrivUser” from exactly one manager station (one IP address), add the following lines to the

snmpd.cnf configuration file together with the usmUserEntry for the user "myV3AuthNoPrivUser”.

vacmAccessEntry myV3AuthNoPrivGroup -usm authNoPriv exact All All -

nonVolatile

vacmSecurityToGroupEntry usm myV3AuthNoPrivUser myV3AuthNoPrivGroup

nonVolatile

vacmViewTreeFamilyEntry All iso -included nonVolatile

snmpTargetAddrEntry myV3Manager_allRequests snmpUDPDomain

192.147.142.35:0 0 0 whereValidRequestsOriginate -nonVolatile

255.255.255.255:0 2048

5. To authorize Get request without authorizing Set requests, the fields "All All –" in the vacmAccessEntry should be

changed to "All - - "