User manual

ManualsBrandsMcDATA ManualsNetwork CardOPENconnectors Command Line Interace

121

122

123

124

125

126

127

128

129

130

2-84

E/OS Command Line Interface User Manual

config

cmlhbCBOdW1iZXIgVEVTVDQ1MDAwHhcNMDUwNTAyMTI0OTU0WhcNMDUwNjIxMTI0

OTU0WjBAMRYwFAYDVQQDEw0xNzIuMjYuMjIuMjEyMSYwJAYDVQQKEx1Td2l0Y2gg

U2VyaWFsIE51bWJlciBURVNUNDUwMDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC6

et6ISmqRSRCODtWgk0M/9Hl6iKLBF1Eoyb0t0ujq1IawEll7BvQZSyWhBqEx4had

48HXRw6r71O3gYIWSSFfAgMBAAGjHDAaMBgGA1UdEQQRMA+CDTE3Mi4yNi4yMi4y

MTIwDQYJKoZIhvcNAQEFBQADQQBaa325NT4TU2E4vrtUORg5I6xSob/Uh3kiLO77

PkCJPZeex7N/8k8ur2c8CGNxG7OFe9yBqDyF2oQHYiulg5Kq

-----END CERTIFICATE-----

MD5:

1F:AC:B8:FF:BD:92:F0:13:E7:43:5E:AB:7F:C4:2D:E6

SHA-1:

5E:4A:0E:91:33:4B:10:75:00:EE:33:A8:AD:55:14:46:F4:E3:6B:43

config.snmp

The E/OS provides additional level of security to the existing SNMP

framework by supporting SNMPv3 in addition to SNMP versions 1

and 2, which authenticate the SNMP requests based on the

community string.

SNMPv3 provides security and access control by supporting a set of

authentication protocols (HMAC-MD5-96, HMAC-SHA-96) and a

privacy protocol (CBC-DES symmetric encryption protocol). The

security and access based on the User-based Security Model (USM)

and View-based Access Control Model (VACM) requires using

multiple tables: User Table, Access Table, Security-to-Group Table

and Target Table. The E/OS CLI provides commands to configure

these tables and enables or disables v1-v2/v3 support.

The SNMP client must be configured according to the security and

access settings on the agent. To ensure that existing v1 and v2

community strings can continue to communicate with the agent, they

must be configured appropriately in SNMPv3.

NOTE: Before enabling SNMPv3, ensure that all desired communities are

configured for SNMPv3 access. If existing community strings are not

configured for SNMPv3, then existing SNMP access will be lost.

The authentication/privacy key (password) configured for an

SNMPv3 User on a switch is not localized. Therefore, the

authentication/privacy key configured in the SNMP management

application must be configured as a non-localized

authentication/privacy key in ASCII format. For more information