Instruction Manual
Table Of Contents
- Preface
- Chapter 1. Using the CLI
- Chapter 2. ACL Commands
- Chapter 3. AAA Commands
- Chapter 4. Address Table Commands
- bridge address
- bridge multicast filtering
- bridge multicast address
- bridge multicast forbidden address
- bridge multicast unregistered
- bridge multicast forward-all
- bridge multicast forbidden forward-all
- bridge aging-time
- clear bridge
- port security
- port security mode
- port security max
- port security routed secure-address
- show bridge address-table
- show bridge address-table static
- show bridge address-table count
- show bridge multicast address-table
- show bridge multicast address-table static
- show bridge multicast filtering
- show bridge multicast unregistered
- show ports security
- show ports security addresses
- Chapter 5. Clock Commands
- clock set
- clock source
- clock timezone
- clock summer-time
- sntp authentication-key
- sntp authenticate
- sntp trusted-key
- sntp client poll timer
- sntp broadcast client enable
- sntp anycast client enable
- sntp client enable (Interface)
- sntp unicast client enable
- sntp unicast client poll
- sntp server
- show clock
- show sntp configuration
- show sntp status
- Chapter 6. Configuration and Image File Commands
- Chapter 7. DHCP Snooping Commands
- ip dhcp snooping
- ip dhcp snooping vlan
- ip dhcp snooping trust
- ip dhcp snooping information option allowed-untrusted
- ip dhcp snooping verify
- ip dhcp snooping database
- ip dhcp snooping database update-freq
- ip dhcp snooping binding
- clear ip dhcp snooping database
- show ip dhcp snooping
- show ip dhcp snooping binding
- Chapter 8. Ethernet Configuration Commands
- interface ethernet
- interface range ethernet
- shutdown
- description
- speed
- duplex
- negotiation
- flowcontrol
- mdix
- back-pressure
- system flowcontrol
- clear counters
- set interface active
- show interfaces advertise
- show interfaces configuration
- show interfaces status
- show interfaces description
- show interfaces counters
- port storm-control include-multicast (IC)
- port storm-control broadcast enable
- port storm-control broadcast rate
- show ports storm-control
- Chapter 9. GVRP Commands
- Chapter 10. IGMP Snooping Commands
- ip igmp snooping (Global)
- ip igmp snooping (Interface)
- ip igmp snooping mrouter learn-pim-dvmrp
- ip igmp snooping host-time-out
- ip igmp snooping querier enable
- ip igmp snooping querier address
- ip igmp snooping querier version
- ip igmp snooping mrouter-time-out
- ip igmp snooping leave-time-out
- show ip igmp snooping mrouter
- show ip igmp snooping interface
- show ip igmp snooping groups
- Chapter 11. IP Addressing Commands
- Chapter 12. IPv6 Addressing Commands
- Chapter 13. Line Commands
- Chapter 14. DHCP Option 82 Commands
- Chapter 15. IP DHCP Relay
- Chapter 16. LACP Commands
- Chapter 17. LLDP Commands
- lldp enable (global)
- lldp enable (interface)
- lldp timer
- lldp hold-multiplier
- lldp reinit-delay
- lldp tx-delay
- lldp optional-tlv
- lldp management-address
- lldp notifications
- lldp med enable
- lldp med network-policy (global)
- lldp med network-policy (interface)
- lldp med location
- clear lldp rx
- show lldp configuration
- show lldp med configuration
- show lldp local
- show lldp neighbors
- Chapter 18. Login Banner Commands
- Chapter 19. Management ACL Commands
- Chapter 20. PHY Diagnostics Commands
- Chapter 21. Port Channel Commands
- Chapter 22. Port Monitor Commands
- Chapter 23. Power over Ethernet Commands
- Chapter 24. QoS Commands
- Chapter 25. Radius Commands
- Chapter 26. RMON Commands
- Chapter 27. SNMP Commands
- snmp-server community
- snmp-server view
- snmp-server group
- snmp-server user
- snmp-server engineID local
- snmp-server enable traps
- snmp-server filter
- snmp-server host
- snmp-server v3-host
- snmp-server trap authentication
- snmp-server contact
- snmp-server location
- snmp-server set
- show snmp
- show snmp engineid
- show snmp views
- show snmp groups
- show snmp filters
- show snmp users
- Chapter 28. Spanning-Tree Commands
- spanning-tree
- spanning-tree mode
- spanning-tree forward-time
- spanning-tree hello-time
- spanning-tree max-age
- spanning-tree priority
- spanning-tree disable
- spanning-tree cost
- spanning-tree port-priority
- spanning-tree portfast
- spanning-tree link-type
- spanning-tree pathcost method
- spanning-tree bpdu
- spanning-tree guard root
- spanning-tree bpduguard
- clear spanning-tree detected-protocols
- spanning-tree mst priority
- spanning-tree mst max-hops
- spanning-tree mst port-priority
- spanning-tree mst cost
- spanning-tree mst configuration
- instance (mst)
- name (mst)
- revision (mst)
- show (mst)
- exit (mst)
- abort (mst)
- show spanning-tree
- Chapter 29. SSH Commands
- Chapter 30. Syslog Commands
- Chapter 31. TACACS+ Commands
- Chapter 32. Tunnel Commands
- Chapter 33. System Management Commands
- Chapter 34. User Interface Commands
- Chapter 35. VLAN Commands
- vlan database
- vlan
- interface vlan
- interface range vlan
- name
- switchport protected
- switchport mode
- switchport access vlan
- switchport trunk allowed vlan
- switchport trunk native vlan
- switchport general allowed vlan
- switchport general pvid
- switchport general ingress-filtering disable
- switchport general acceptable-frame-type tagged-only
- switchport general map macs-group vlan
- map mac macs-group
- show vlan macs-group
- switchport forbidden vlan
- ip internal-usage-vlan
- show vlan
- show vlan internal usage
- show interfaces switchport
- Chapter 36. Web Server Commands
- Chapter 37. 802.1x Commands
- aaa authentication dot1x
- dot1x system-auth-control
- dot1x port-control
- dot1x re-authentication
- dot1x timeout re-authperiod
- dot1x re-authenticate
- dot1x timeout quiet-period
- dot1x timeout tx-period
- dot1x max-req
- dot1x timeout supp-timeout
- dot1x timeout server-timeout
- show dot1x
- show dot1x users
- show dot1x statistics
- dot1x auth-not-req
- dot1x guest-vlan
- dot1x single-host-violation
- dot1x mac-authentication
- show dot1x advanced
- dot1x guest-vlan enable
- dot1x guest-vlan timeout
- dot1x radius-attributes vlan
- Index
SNMP Commands
Page 248
Example
The following example configures an SNMPv3 user John in group user-group.
snmp-server engineID local
The snmp-server engineID local Global Configuration mode command specifies the Simple Network
Management Protocol (SNMP) engineID on the local device. Use the no form of this command to remove the
configured engine ID.
Syntax
snmp-server engineID local {engineid-string | default}
no snmp-server engineID local
Parameters
•
engineid-string — Specifies a character string that identifies the engine ID. (Range: 5-32 characters)
• default — The engine ID is created automatically based on the device MAC address.
Default Configuration
The engine ID is not configured.
If SNMPv3 is enabled using this command, and the default is specified, the default engine ID is defined per
standard as:
• First 4 octets — first bit = 1, the rest is IANA Enterprise number = 674.
• Fifth octet — set to 3 to indicate the MAC address that follows.
• Last 6 octets — MAC address of the device.
Command Mode
Global Configuration mode
User Guidelines
To use SNMPv3, you have to specify an engine ID for the device. You can specify your own ID or use a default
string that is generated using the MAC address of the device.
If the SNMPv3 engine ID is deleted or the configuration file is erased, SNMPv3 cannot be used. By default,
SNMPv1/v2 are enabled on the device. SNMPv3 is enabled only by defining the Local Engine ID.
If you want to specify your own ID, you do not have to specify the entire 32-character engine ID if it contains
trailing zeros. Specify only the portion of the engine ID up to the point where just zeros remain in the value. For
example, to configure an engine ID of 123400000000000000000000, you can specify snmp-server engineID local
1234.
Since the engine ID should be unique within an administrative domain, the following is recommended:
For a standalone device, use the default keyword to configure the engine ID.
For a stackable system, configure the engine ID and verify its uniqueness.
Changing the value of the engine ID has the following important side-effect. A user's password (entered on the
command line) is converted to an MD5 or SHA security digest. This digest is based on both the password and the
console(config)#
snmp-server user
John user-group