Cisco SNMP v3 Setup
Applies to: PacketTrap Perspective
SNMP v3 setup is made up of three components:
1) A ‘view’, which defines which MIBs are available
#sh snmp view
v1default iso - included volatile active
v1default internet.6.3.15 - excluded volatile active
v1default internet.6.3.16 - excluded volatile active
v1default internet.6.3.18 - excluded volatile active
v1default ciscoMgmt.252 - excluded volatile active
To create a view:
PT3750(config)#snmp-server view writeView ciscoMgmt.96.1.1.1.1 included
PT3750(config)#snmp-server view writeView ciscoMgmt.96.1.1.1.1.2 included
- NOTE: to set up the view, you must know the OIDs to include.
- ciscoMgmt = .1.3.6.1.4.1.9.9
2) ‘Groups’, which link a ‘view’ to a version of SNMP (v1, v2 or v3) and define whether auth or priv (encryption) is required. Groups can be set to one of three security models:
a. Auth (authNoPriv) = authentication, no encryption
b. Noauth (noAuthNoPriv) = no authentication, no encryption
c. Priv (authPriv) = authentication, encryption
#sh snmp group
groupname: NoAuthNoPriv security model:v3 noauth
readview : v1default writeview: <no writeview specified>
notifyview: <no notifyview specified>
row status: active
groupname: authNoPriv security model:v3 auth
readview : v1default writeview: <no writeview specified>
notifyview: <no notifyview specified>
row status: active
groupname: AuthPriv security model:v3 priv
readview : v1default writeview: <no writeview specified>
notifyview: <no notifyview specified>
row status: active
3) ‘Users’, which define the group, the authentication/encryption protocols and the password required to access a node
User name: PTnoAuth
Engine ID: 80000009030000115C3F9840
storage-type: nonvolatile active
Authentication Protocol: None
Privacy Protocol: None
Group-name: NoAuthNoPriv
User name: PTauthMD5
Engine ID: 80000009030000115C3F9840
storage-type: nonvolatile active
Authentication Protocol: MD5
Privacy Protocol: None
Group-name: authNoPriv
User name: PTauthSHA
Engine ID: 80000009030000115C3F9840
storage-type: nonvolatile active
Authentication Protocol: SHA
Privacy Protocol: None
Group-name: authNoPriv
User name: PTprivMdes
Engine ID: 80000009030000115C3F9840
storage-type: nonvolatile active
Authentication Protocol: MD5
Privacy Protocol: DES
Group-name: AuthPriv
User name: PTprivSdes
Engine ID: 80000009030000115C3F9840
storage-type: nonvolatile active
Authentication Protocol: SHA
Privacy Protocol: DES
Group-name: AuthPriv
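An added example (not part of the original article): Python that joins the group and user listings shown above, resolving each user to its group's security level and read view and checking that the user has the authentication/encryption that level calls for. The embedded listings are trimmed copies of this page's output; the function names and the `REQUIRED` table are assumptions of this example.

```python
import re
# Constructed sample input: trimmed copies of the group and user listings on this page.
GROUPS = """\
groupname: NoAuthNoPriv security model:v3 noauth
readview : v1default writeview: <no writeview specified>
groupname: authNoPriv security model:v3 auth
readview : v1default writeview: <no writeview specified>
groupname: AuthPriv security model:v3 priv
readview : v1default writeview: <no writeview specified>
"""
USERS = """\
User name: PTnoAuth
Authentication Protocol: None
Privacy Protocol: None
Group-name: NoAuthNoPriv
User name: PTauthMD5
Authentication Protocol: MD5
Privacy Protocol: None
Group-name: authNoPriv
User name: PTprivSdes
Authentication Protocol: SHA
Privacy Protocol: DES
Group-name: AuthPriv
"""
# What each group level calls for, as (authentication, encryption), per the a/b/c list above.
REQUIRED = {"noauth": (False, False), "auth": (True, False), "priv": (True, True)}

def parse_groups(text):
    """Map group name -> (level, read view) from `sh snmp group` output."""
    pat = r"groupname:\s*(\S+)\s+security model:\s*v3\s+(\S+)\s+readview\s*:\s*(\S+)"
    return {name: (level, read) for name, level, read in re.findall(pat, text)}

def parse_users(text):
    """One dict of 'label: value' fields per 'User name:' record."""
    blocks = re.split(r"(?m)^(?=User name:)", text)
    return [dict(re.findall(r"(?m)^([^:\n]+?):[ \t]*(.*?)[ \t]*$", b))
            for b in blocks if b.startswith("User name:")]

def audit(groups, users):
    """Rows of (user, group level, read view, ok); ok = user has what the level calls for."""
    rows = []
    for u in users:
        level, read = groups.get(u["Group-name"], (None, None))
        has = (u["Authentication Protocol"] != "None", u["Privacy Protocol"] != "None")
        ok = level in REQUIRED and all(h or not n for h, n in zip(has, REQUIRED[level]))
        rows.append((u["User name"], level, read, ok))
    return rows

if __name__ == "__main__":
    print(*audit(parse_groups(GROUPS), parse_users(USERS)), sep="\n")
```

A row with `ok` set to False marks a user whose configured protocols fall short of its group's level, or whose group is not defined on the device.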