User guide

ManualsBrandsAllied Telesis ManualsComputer equipmentAT-iMG634 - R2

131

132

133

134

135

136

137

138

139

140

Additional configuration for SNMPv3 agent entities SNMP

1-107

iMG/RG Software Reference Manual (System Configuration)

To relax the agent configuration so that this user can access the MIB objects from additional hosts, change the

snmpTargetAddrTMask to perform wildcard matching of the source address of the incoming request mes-

sage.

To relax the agent configuration so that this user can access the MIB objects from any host, change

“whereValidRequestsOriginate” in the usmUserEntry to a dash (-).

To authorize the sending of SNMPv3 authNoPriv Trap messages to a user at exactly one SNMP manager

station (one IP address), add the following lines to the snmpd.cnf configuration file together with the

usmUserEntry for the user “myV3AuthNoPrivUser”.

vacmAccessEntry myV3AuthNoPrivGroup -usm authNoPriv exact - - All

nonVolatile

vacmSecurityToGroupEntry usm myV3AuthNoPrivUser myV3AuthNoPrivGroup

nonVolatile

vacmViewTreeFamilyEntry All iso -included nonVolatile

snmpNotifyEntry myTrap whereMyNotificationsGo trap nonVolatile

snmpTargetAddrEntry myV3Manager_authNoPrivNotifications snmpUDPDomain

192.147.142.35:0 100 3 whereMyNotificationsGo myV3AuthNoPrivParams

nonVolatile 1.2.3.4:0 2048

snmpTargetParamsEntry myV3AuthNoPrivParams 3 usm myV3AuthNoPrivUser

authNoPriv non-Volatile

To configure additional Trap destinations (additional IP addresses where the user is authorized to operate a

management station), add additional snmpTargetAddrEntry entries to the snmpd.cnf configuration file. For

example, to authorize 192.147.142.111 as an additional Trap destination, add the following line to the

snmpd.cnf configuration file.

snmpTargetAddrEntry anotherV3Manager_authNoPrivNotifications snmpUDP-

Domain 192.147.142.111:0 100 3 whereMyNotificationsGo

myV3AuthNoPrivParams nonVolatile 1.2.3.4:0 2048

1.6.8 Additional configuration for SNMPv3 agent entities

1.6.8.1 Configuring context names

A context is a collection MIB objects. An SNMP entity can potentially provide access to many contexts and a

particular MIB object instance can exist in multiple contexts. A context is often associated with a particular

physical or logical device, so a context name is an identifier to distinguish MIB object instances for one device

from MIB object instances for another device.

When a management request is sent to an SNMP agent, the context name which appears in the SNMPv3 mes-

sage (or which is derived from the SNMPv1 or SNMPv2c message) must exist in the agent, or the command

responder application will return a noSuchContext error.