10.8 Enabling Secure SNMP
The snmp-server bootstrap command allows you to specify how you wish to secure SNMP
communications, as described in the SNMPv3 standards. It creates an initial set of configuration
data for SNMPv3. This configuration data follows the conventions described in the SNMPv3
standard (in RFC 3414 and 3415). This command creates a set of initial users, groups and views.
This command deletes all existing SNMP configurations, hence must be used with care.
The syntax for the snmp-server bootstrap command is:
ERS-Stackable(config)# snmp-server bootstrap ?
minimum-secure
semi-secure
very-secure
Parameters and variables
<minimum-secure>
<semi-secure>
<very-secure>
Use minimum security configuration
Use partial security configuration
Use maximum security configuration
Description
Specifies a minimum security configuration that allows read
access to everything using noAuthNoPriv, and write access to
everything using authNoPriv.
Note: In this configuration, view restricted matches view
internet.
Specifies a partial security configuration that allows read access
to a small subset of system information using noAuthNoPriv,
and read and write access to everything using authNoPriv.
Note: In this configuration, restricted contains a smaller subset
of views than internet view. The subsets are defined according
to RFC 3515 Appendix A.
Specifies a maximum security configuration that allows no
access to the users.
Avaya Inc. – External Distribution
avaya.com
52