Configuration manual
Configuring SNMP
Fixed Switch Configuration Guide 12-17
Example
The following example shows an SNMP community names configuration using the steps in
Procedure 12-4 on page 12-16.
enterasys(su)->set snmp access gAdmin security-model usm privacy exact read
vSecured write vSecured notify vSecured
enterasys(su)->set snmp access gReadOnlyV1V2C security-model v1 exact read
vUnsecured
enterasys(su)->set snmp access gReadOnlyV1V2C security-model v2c exact read
vUnsecured
enterasys(su)->set snmp access gReadWriteV1V2C security-model v1 exact read
vUnsecured write vUnsecured
enterasys(su)->set snmp access gReadWriteV1V2C security-model v2c exact read
vUnsecured write vUnsecured
enterasys(su)->set snmp community cnPrivate securityname sn_v1v2c_rw
enterasys(su)->set snmp community cnPublic securityname sn_v1v2c_ro
enterasys(su)->set snmp group gReadOnlyV1V2C user sn_v1v2c_ro security-model v1
enterasys(su)->set snmp group gReadWriteV1V2C user sn_v1v2c_rw security-model v1
enterasys(su)->set snmp group gReadOnlyV1V2C user sn_v1v2c_ro security-model v2c
enterasys(su)->set snmp group gReadWriteV1V2C user sn_v1v2c_rw security-model v2c
enterasys(su)->set snmp group gAdmin user it-admin security-model usm
enterasys(su)->set snmp user it-admin privacy priv_key authentication sha auth_key
enterasys(su)->set snmp view viewname vSecured subtree 1
enterasys(su)->set snmp view viewname vSecured subtree 0.0
enterasys(su)->set snmp view viewname vUnsecured subtree 1
enterasys(su)->set snmp view viewname vUnsecured subtree 0.0
enterasys(su)->set snmp view viewname vUnsecured subtree 1.3.6.1.6.3.15 excluded
enterasys(su)->set snmp view viewname vUnsecured subtree 1.3.6.1.6.3.16 excluded
enterasys(su)->set snmp view viewname vUnsecured subtree 1.3.6.1.6.3.18.1.1
excluded
5. Using the viewnames assigned in Step 1, create
restricted views for v1/v2c users, and
unrestricted views for v3 users.
set snmp view viewname secured-
viewname subtree 1
set snmp view viewname secured-
viewname subtree 0.0
set snmp view viewname unsecured-
viewname subtree 1
set snmp view viewname unsecured-
viewname subtree 0.0
6. Exclude the following from the restricted view
• snmpUsmMIB (which contains v3 user
names, but no passwords)
• snmpVacmMIB (which contains SNMP view
configurations)
• snmpCommunityTable (which contains
community names)
set snmp view viewname unsecured-
viewname subtree 1.3.6.1.6.3.15
excluded
set snmp view viewname unsecured-
viewname subtree 1.3.6.1.6.3.16
excluded
set snmp view viewname unsecured-
viewname subtree 1.3.6.1.6.3.18.1.1
excluded
Procedure 12-4 Configuring Secure Community Names (continued)
Step Task Command(s)