How to Configure SNMP v3 Access for Lawful Intercept on the Router
Command or Action
Step 8
snmp-server user mduser-id groupname v3 auth md5
md-password
Example:
RP/0/RP0/CPU0:router(config)# snmp-server mduser-id
TapGroup v3 auth md5 mdpassword
Step 9
end
or
commit
Example:
RP/0/RP0/CPU0:router(config)# end
or
RP/0/RP0/CPU0:router(config)# commit
Step 10
show snmp users
Example:
RP/0/RP0/CPU0:router# show snmp users
Cisco IOS XR System Security Configuration Guide for the Cisco CRS-1 Router
SC-176
Implementing Lawful Intercept on Cisco IOS XR Software
Purpose
Configures the mediation device user as part of an
SNMP group, using the v3 security model and the
HMAC MD5 algorithm, which you associate with the
mediation device password.
The mduser-id and mdpassword must match that
•
configured on MD. Alternatively, these values
must match those in use on the router.
Passwords must be eight characters or longer to
•
comply with SNMPv3 security minimums.
Minimum LI security level is auth; noauth will
•
not work. The LI security level must also match
that of the MD.
Choices other than MD5 are available on the
•
router, but the MD values must match.
Most MDs default to or support only MD5.
Saves configuration changes.
•
When you issue the end command, the system
prompts you to commit changes:
Uncommitted changes found, commit them
before exiting (yes/no/cancel)?
[cancel]:
–
Entering yes saves configuration changes to
the running configuration file, exits the
configuration session, and returns the router
to EXEC mode.
Entering no exits the configuration session
–
and returns the router to EXEC mode
without committing the configuration
changes.
–
Entering cancel leaves the router in the
current configuration session without exiting
or committing the configuration changes.
Use the commit command to save the
•
configuration changes to the running
configuration file and remain within the
configuration session.
Displays information about each SNMP username in
the SNMP user table.
OL-20382-01