Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1803
Views
0
Helpful
3
Replies

SNMP v3 CONFIG CHECK

Sparkeyluv_357
Level 1
Level 1

‎10-21-2019 02:06 PM

Good afternoon,

 

I'm trying to get SNMP v3 up and running. Here are commands I've entered thus far. My gola is to get SNMP v3 working and to ensure all communications are secure as possible using 3des and sha communications.

 

Step 1. snmp-server group iseCisco v3 pri

Step 2. snmp-server user user1 iseCisco v3 encryption auth sha Password123

 

 

And here is my explanation of the commands entered.

 

Step 1. Created a group called iseCisco. Users logging into the group iseCisco will utilize SNMP v3, encryption for data, and will authenticate. 

 

Step 2. Established a user by the name of user1. The user will access data within the group called iseCisco. These task will utilize SNMP v3, authentication and encryption. The secure state (Encryption) will be established using sha encryption. Authentication of user1 will use the password Password123.

 

Yes, the command entered but am I correct in thinking these things? another question, using this configuration will anything be transmitted in clear text? I believe no. I just want to make sure I understand and can implement what I've learned. (i tried to do the config in packet tracer but... sadly Packet Tracker dose not support SNMP v3.

Labels:
0 Helpful
3 Replies 3

kubn2
Level 1
Level 1

‎10-21-2019 02:44 PM - edited ‎10-21-2019 02:53 PM

Hi,

To check if these commands will work like you wish we need IOS version because snmp configuration commands differ depends on IOS version used.

 

From what I see group is priv so this means nothing will be transported in clear text since message is encrypted but you need to configure user to actually use it so explicitly define a priv command in snmp user command. In IOS 16.06 it would look like that:

snmp-server user user1 iseCisco v3 auth sha Password123 priv aes 256 Privpass123

0 Helpful

Sparkeyluv_357
Level 1
Level 1
In response to kubn2

‎10-21-2019 03:49 PM - edited ‎10-21-2019 03:50 PM

@kubn2 Is “Privpass123” a typo? Im

not familiar with this.

0 Helpful

kubn2
Level 1
Level 1
In response to Sparkeyluv_357

‎10-22-2019 01:23 AM

@Sparkeyluv_357 "Privpass123" isn't a typo. Its just example you can use whatever priv password you like it can be "abc12345".

0 Helpful
Customers Also Viewed These Support Documents