Groups - Avaya G350 Administration

Configuring SNMP
SNMP versions
•
AuthNoPriv — User authentication is performed based on MD5 or SHA algorithms. The
message is sent with an HMAC that is calculated with the user key. The data part is sent
unencrypted.
•
AuthPriv — User authentication is performed based on MD5 or SHA algorithms. The message is
sent in encrypted MAC that is calculated with the user key, and the data part is sent with DES56
encryption using the user key.
Use the
snmp-server user
command includes the following parameters:
•
Username
•
Groupname
user is associated.
•
SecurityModel
values are: v1 (SNMPv1), v2c (SNMPv2c), and v3 (SNMPv3).
•
Authentication Protocol
(no authentication), md5 (HMAC MD5), and sha (HMAC SHA-1).
•
Authentication Password
authentication password. The authentication password is transformed using the authentication
protocol and the SNMP engine ID to create an authentication key.
•
Privacy Protocol
•
Privacy Password
password.
•
Volatile
After reset, the user settings return to their previous values.
Use the form of the
no
not specify a group, the

Groups

In SNMPv3, each user is mapped to a group. The group maps its users to defined views. These views
define sets of access rights, including read, write, and trap or inform notifications the users can receive.
The group maps its users to views based on the security mode and level with which the user is
communicating with the G350. Within a group, the following combinations of security mode and level
can be mapped to views:
•
SNMPv1 — Anyone with a valid SNMPv1 community name.
•
SNMPv2c — Anyone with a valid SNMPv2c community name.
•
NoAuthNoPriv — An SNMPv3 user using the NoAuthNoPriv security level.
•
AuthNoPriv — An SNMPv3 user using the AuthNoPriv security level.
•
AuthPriv — An SNMPv3 user using the AuthPriv security level.
If views are not defined for all security modes and levels, a user can access the highest level view below
the user's security level. For example, if the SNMPv1 and SNMPv2c views are undefined for a group,
anyone logging in using SNMPv1 and SNMPv2c cannot access the device. If the NoAuthNoPriv view is
not defined for a group, SNMPv3 users with a NoAuthNoPriv security level can access the SNMPv2c
view.
100
command to create a user or to change the parameters of an existing user. This
— A string of up to 32 characters representing the name of the user.
— A string of up to 32 characters representing the name of the group with which the
— The SNMP version functionality that the user is authorized to use. Possible
— The authentication protocol to use. Possible values are: encrypted
— A string of between 8 and 64 characters specifying the user's
— The privacy protocol to use. Possible values are: No privacy, DES privacy.
— A string of between 8 and 64 characters specifying the user's privacy
— Specifies that the user configurations are only set temporarily, until the system is reset.
command to remove a user from a specified group. If you do
snmp-server user
no form of the snmp-server user command removes the user from all groups.
Administration of the Avaya G350 Media Gateway
June 2004