Manualshelf

User manual

ManualsBrandsProtium ManualsComputer equipment4050R
31323334353637383940
CONFIDENTIAL Protium Technologies, Inc. 4050-9901
Rev No: 05
5 GHz RF Modem 31-Jan-2007 37 of 84
This document and information contained herein is subject to the restrictions set forth on the title page
.
unauthorized access. New user accounts with administrative access may also perform account management, in
which case the original factory defined user may be deleted.
The specific details of managing accounts will depend a lot on the particular MIB browser that is being used. The
instructions below show command line examples that are probably unlikely to be used in practice. In any case,
however, the following steps or their equivalent are necessary for user account management.
5.4.1 Creating a User
The procedure that is used by SNMP to create a new user account is (a) clone an existing user, (b) assign an
existing set of access rights to the new user, (c) change the pass phrases of the new user, and (d) commit the
changes to non-volatile memory.
5.4.1.1 Cloning a User
New users are created by cloning an existing user. The initial factory provided users (“admin” and “oper”) are
configured with MD5 authentication and DES privacy encryption. Since cloning is the only way to specify which
authentication and privacy protocols to use for a given user, all subsequent users will also have MD5
authentication and DES encryption.
Note: it is only possible to clone to a new user one time. Subsequent attempts to re-clone onto the same user will
appear to succeed, but will be silently ignored. This somewhat unexpected behavior is mandated by the SNMPv3
USM specifications (RFC 3414). To recreate a user, it is necessary to first delete the existing user.
The following command clones the existing (factory defined) user “admin” to a new user named “newuser.” Each
of the options in the command line is explained below.
snmpusm -v 3 -u admin -l authPriv -a MD5 -A password –x DES –X password \
192.168.1.64 create newuser admin
The following “common options” in the command line are necessary to access the SNMPv3 agent in the modem
for any purpose. Some or all of these may be set as default values in the MIB browser so that it is not necessary to
specify them each time.
-v 3 Use SNMPv3
-u admin Use user account “admin” to access SNMP
-l authPriv User account “admin” has both authentication and privacy
-a MD5 Use MD5 for authentication
-A password Use “password” as the MD5 pass phrase. This is the factory set pass phrase. If the pass
phrase has been changes as is recommended, the new pass phrase should be used here.
-x DES Use DES encryption
-X password Use “password” as the DES pass phrase. This is the factory set pass phrase. If the pass
phrase has been changes as is recommended, the new pass phrase should be used here.
The DES pass phrase may or may not be the same as the MD5 pass phrase.
The following options specify the actual function that is to be performed:
192.168.1.64 The IP number (or domain name resolvable to the IP number) of the RF modem. The
actual value should refer to the target RF modem.
create The desired USM function, i.e. create a new user