Manualshelf

Specifications

ManualsBrandsExtreme Networks ManualsSoftwareExtremeWare Command
41424344454647484950
Using SNMP
ExtremeWare XOS 10.1 Concepts Guide 43
SNMPEngineBoots can also be configured from the command line. SNMPEngineBoots can be set to any
desired value but will latch on its maximum, 2147483647. Use the following command to set the
SNMPEngineBoots:
configure snmpv3 engine-boots <(1-2147483647)>
Users, Groups, and Security
SNMPv3 controls access and security using the concepts of users, groups, security models, and security
levels.
Users. Users are created by specifying a user name. Depending on whether the user will be using
authentication and/or privacy, you would also specify an authentication protocol (MD5 or SHA) with
password or key, and/or privacy (DES) password or key. To create a user, use the following command:
configure snmpv3 add user {hex} <user_name> {authentication [md5 | sha] [hex <hex
octet> | <auth_password>]} {privacy [hex <hex octet> | <priv_password>]} {volatile}
There are a number of default, permanent users initially available.The default user names are: admin,
initial, initialmd5, initialsha, initialmd5Priv, initialshaPriv. The default password for admin is password. For
the other default users, the default password is the user name.
To display information about a user, or all users, use the following command:
show snmpv3 user {{hex} <user name>}
To delete a user, use the following command:
configure snmpv3 delete user [all-non-defaults | {hex} <user name>]
NOTE
In the SNMPv3 specifications there is the concept of a security name. In the ExtremeWare XOS
implementation, the user name and security name are identical. In this manual we use both terms to
refer to the same thing.
Groups. Groups are used to manage access for the MIB. You use groups to define the security model,
the security level, and the portion of the MIB that members of the group can read or write. To
underscore the access function of groups, groups are defined using the following command:
configure snmpv3 add access {hex} <group_name> {sec-model [snmpv1 | snmpv2 | usm]}
{sec-level [noauth | authnopriv | authpriv]} {read-view {hex} <view name>} {write-view
{hex} <view name>} {notify-view {hex} <view name>} {volatile}
The security model and security level are discussed in the section labeled Security Models and Levels.
The view names associated with a group define a subset of the MIB (subtree) that can be accessed by
members of the group. The read view defines the subtree that can be read, write view defines the
subtree that can be written to, and notify view defines the subtree that notifications can originate from.
MIB views are discussed in the section MIB Access Control.
There are a number of default (permanent) groups already defined. These groups are: admin, initial,
v1v2c_ro, v1v2c_rw. Use the following command to display information about the access configuration of
a group or all groups:
show snmpv3 access {{hex} <group name>}