Topology:
SNMP Version 3 provides security features that cover message integrity, authentication, and encryption.
Users can use SNMPv3 to read/write the switch which is more secure than SNMP version 1 & 2.
Switch's Configuration:
1. Configure the management IP address on switch.
Console#configure Console(config)#interface vlan 1 Console(config-if)#ip address 192.168.1.1/24
2. Create a SNMP "view" rule which control the user access to the MIB.
Console(config)#snmp-server view Super 1.3.6.1.4.1.259.10.1.46.* included
- The "*" sign is using to select entire text of the OID.
3. Create a SNMP group and specify the security level.
Console(config)#snmp-server group Super_group v3 priv read Super write Super
- The SNMPv3 supports the following setting of security levels:
auth - The group is using the authNoPriv security level
noauth - The group is using the noAuthNoPriv security level
priv - The group is using SNMPv3 authPriv security level
4. Create a SNMP user account and specify its group.
Console(config)#snmp-server user support Super_group v3 auth md5 test1234 priv des56 test1234
Net-SNMP:
root@E5100-Ts-TestPC:~# snmpwalk -v 3 -u support -l AuthPriv -a MD5 -A test1234 -x DES -X test1234 192.168.1.1 1.3.6.1.4.1.259.10.1.46.1
Now user can use SNMPv3 to read/write the switch.
Prev Page How to configure the DHCPv6 relay on the ECS4120 series ?