Snmp v3

jrajan
Level 1

How to configure SNMP v3 on a Cisco L3 switch and access on a RADIUS server

1 Reply

AFROJ AHMAD
Cisco Employee

Hi,

Sample configuration, hope it will help.

Here is an SNMPv3 example to configure SNMPv3 from scratch:

Switch# conf t

Enter configuration commands, one per line.  End with CNTL/Z.

Create SNMP view:

Switch(config)#snmp-server view ?
  WORD  Name of the view

Switch(config)#snmp-server view myview ?
  WORD  MIB view family name
  <cr>
Switch(config)#snmp-server view myview iso ?
  excluded  MIB family is excluded from the view
  included  MIB family is included in the view

Switch(config)#snmp-server view myview iso included ?
  <cr>

Switch(config)#snmp-server view myview iso included

Create SNMP v3 Group:

Switch(config)#snmp-server group cisconms ?
  v1   group using the v1 security model
  v2c  group using the v2c security model
  v3   group using the User Security Model (SNMPv3)

Switch(config)#snmp-server group cisconms v3 ?
  auth    group using the authNoPriv Security Level
  noauth  group using the noAuthNoPriv Security Level
  priv    group using SNMPv3 authPriv security level

Switch(config)#snmp-server group cisconms v3 auth ?
  access   specify an access-list associated with this group
  context  specify a context to associate these views for the group
  match    context name match criteria
  notify   specify a notify view for the group
  read     specify a read view for the group
  write    specify a write view for the group
  <cr>
Switch(config)#snmp-server group cisconms v3 auth read ?
  WORD  read view name

Switch(config)#snmp-server group cisconms v3 auth read iso ?
  access  specify an access-list associated with this group
  notify  specify a notify view for the group
  write   specify a write view for the group
  <cr>

Switch(config)#snmp-server group cisconms v3 auth read myview write myview ?
  access  specify an access-list associated with this group
  notify  specify a notify view for the group
  <cr>

Switch(config)#snmp-server group cisconms v3 auth read myview write myview

Create SNMP user:

Switch(config)#snmp-server user ?
  WORD  Name of the user

Switch(config)#snmp-server user cisco ?
  WORD  Group to which the user belongs

Switch(config)#snmp-server user cisco cisconms ?
  remote  Specify a remote SNMP entity to which the user belongs
  v1      user using the v1 security model
  v2c     user using the v2c security model
  v3      user using the v3 security model

Switch(config)#snmp-server user cisco cisconms v3 ?
  access     specify an access-list associated with this group
  auth       authentication parameters for the user
  encrypted  specifying passwords as MD5 or SHA digests
  <cr>

Switch(config)#snmp-server user cisco cisconms v3 auth ?
  md5  Use HMAC MD5 algorithm for authentication
  sha  Use HMAC SHA algorithm for authentication

Switch(config)#snmp-server user cisco cisconms v3 auth md5 ?
  WORD  authentication pasword for user

Switch(config)#snmp-server user cisco cisconms v3 auth md5 cisco123 ?
  access  specify an access-list associated with this group
  priv    encryption parameters for the user
  <cr>

Switch(config)#snmp-server user cisco cisconms v3 auth md5 cisco123 priv ?
  3des  Use 168 bit 3DES algorithm for encryption
  aes   Use AES algorithm for encryption
  des   Use 56 bit DES algorithm for encryption

Switch(config)#snmp-server user cisco cisconms v3 auth md5 cisco123 priv 3des ?
  WORD  privacy pasword for user

Switch(config)#snmp-server user cisco cisconms v3 auth md5 cisco123 priv 3des 123cisco

Switch# sh run | i snmp

snmp-server group cisconms v3 auth read myview write myview

Switch#show snmp user

User name: cisco
Engine ID: 8000000903000021568D2A81
storage-type: nonvolatile        active
Authentication Protocol: MD5
Privacy Protocol: 3DES
Group-name: cisconms

nmsswitch#show snmp engineID

Local SNMP engineID: 8000000903000021568D2A81

Remote Engine ID          IP-addr    Port

Switch#show snmp group
groupname: public                           security model:v1
readview : v1default                        writeview: <no writeview specified>

groupname: cisconms                         security model:v3 auth
readview : myview                           writeview: myview


Thanks-

Afroz

****Ratings Encourages Contributors ***
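
An added example (not part of the original reply, and not Cisco code): a Python check that reads the `show snmp user` and `show snmp group` output quoted above and reports settings a reviewer would question, including that a group at `v3 auth` does not require encryption even when the user has a privacy password. The function names and finding strings are hypothetical, and it assumes an AES privacy protocol is displayed as a string beginning with `AES`.

```python
import re

# Constructed sample input: the show-command output quoted in the reply, embedded to run offline.
SHOW_USER = """\
User name: cisco
Engine ID: 8000000903000021568D2A81
storage-type: nonvolatile        active
Authentication Protocol: MD5
Privacy Protocol: 3DES
Group-name: cisconms
"""
SHOW_GROUP = """\
groupname: public                           security model:v1
readview : v1default                        writeview: <no writeview specified>

groupname: cisconms                         security model:v3 auth
readview : myview                           writeview: myview
"""

def parse_users(text):
    """One dict per 'User name:' record, keyed by the field labels."""
    users = []
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == "User name":
            users.append({})
        if sep and users:
            users[-1][key.strip()] = value.strip()
    return users

def parse_groups(text):
    """List of (groupname, security model) pairs."""
    return re.findall(r"groupname:\s*(\S+)\s+security model:\s*(.+?)\s*$", text, re.M)

def audit(user_text, group_text):
    """Return findings for weak or unenforced SNMP security settings."""
    findings, groups = [], parse_groups(group_text)
    for name, model in groups:
        if not model.startswith("v3"):
            findings.append(f"group {name}: {model} is community-based, no per-user auth or encryption")
    for u in parse_users(user_text):
        name, grp, priv = u.get("User name"), u.get("Group-name"), u.get("Privacy Protocol", "None")
        if u.get("Authentication Protocol") == "MD5":
            findings.append(f"user {name}: HMAC-MD5 authentication, prefer SHA")
        if not priv.upper().startswith("AES"):  # assumption: AES shows as AES...
            findings.append(f"user {name}: privacy protocol {priv}, prefer AES")
        if any(g == grp and m == "v3 auth" for g, m in groups):
            findings.append(f"user {name}: group {grp} is 'v3 auth', authNoPriv (unencrypted) requests accepted")
    return findings
```

Run against the output above, `audit(SHOW_USER, SHOW_GROUP)` returns four findings: the v1 `public` group, MD5 authentication, 3DES privacy, and the `v3 auth` group level.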