Simple Network Management Protocol (SNMP)
Configuring SNMPv2C
The following commands are used to configure SNMPv2C:
Switch(config)# snmp-server host host-address [ informs] version 2c community-string
Switch(config)# snmp-server community string [ ro | rw] [ access-list-number]
An access list can be used to limit the hosts that can be accessed via SNMP with the following command:
Switch(config)# access-list access-list-number permit ip-addr
The access list is optional.
Example:
Switch(config)# access-list 10 permit 10.1.1.1
Switch(config)# snmp-server community MyCommunity ro 10
Switch(config)# snmp-server host 10.1.1.1 version 2c MyCommunity
Configuring SNMPv3
SNMPv3 uses a user/group and security levels to exchange its messages. In addition, we can use views to delimit the exchanged OIDs.
SNMPv3 security levels are:
- noauth: SNMP packets are neither authenticated nor encrypted.
- auth: SNMP packets are authenticated but not encrypted.
- priv: SNMP packets are authenticated and encrypted.
The recommendation is to use the priv security level whenever possible. Let’s see what the commands are to configure SNMPv3.
Define an SNMPv3 view.
Switch(config)# snmp-server view view-name oid-tree
Define an SNMPv3 user group.
Switch(config)# snmp-server group group-name v3 { noauth | auth | priv } [ read read-view ] [ write write-view ] [ notify notify-view ] [ access access access-list ]
Define an SNMPv3 user.
Switch(config)# snmp-server user user-name group-name v3 auth {md5 | sha auth-password priv { des | 3des | aes { 128 | 192 | 256 } priv-password [ access-list ]
Define an SNMPv3 trap or inform receiver.
Switch(config)# snmp-server host host-address [ informs ] version 3 { noauth | auth | priv } user-name [ trap-type ]
Simple SNMPv3 example to send alerts to the 10.1.1.1 server using the security level priv and the user name MyUser:
Switch(config)# snmp-server group MyGroup v3 priv
Switch(config)# snmp-server user MyUser MyGroup v3 auth sha MyPassAuth priv aes 128 MyPassAuth
Switch(config)# snmp-server host 10.1.1.1 informs version 3 priv MyUser