Defining An Snmp Group And Specifying Which View Is Notified Of Traps; Defining The Udp Port For Snmp V3 Traps - Brocade Communications Systems FastIron Administration Manual

Defining an SNMP group and specifying which view is notified of traps

Defining an SNMP group and specifying which view is notified of traps
The SNMP group command allows configuration of a viewname for notification purpose, similar to the
read and write view. The default viewname is "all", which allows access to the entire MIB.
To configure an SNMP user group, first configure SNMPv3 views using the snmp-server view
command. Refer to
the following.
device(config)#snmp-server group admin v3 auth read all write all
notify all
Syntax:[no] snmp-server group groupname { v1 | v2c | v3 { auth | noauth | priv } } [ access {
standard-ACL-id | ipv6 ipv6-ACL-name } ] [ notify viewname ] [ read viewname ] [ write viewname ]
The group groupname parameter defines the name of the SNMP group to be created.
The v1 , v2c , or v3 parameter indicates which version of SNMP to use. In most cases, you will use
v3, since groups are automatically created in SNMP versions 1 and 2 from community strings.
The auth | noauth parameter determines whether or not authentication will be required to access the
supported views. If auth is selected, then only authenticated packets are allowed to access the view
specified for the user group. Selecting noauth means that no authentication is required to access the
specified view. Selecting priv means that an authentication password will be required from the users.
The access standard-ACL-id allows incoming SNMP packets to be filtered based on the standard ACL
attached to the group.
The ipv6 ipv6-ACL-name option configures IPv6 ACL for SNMP group and allows incoming SNMP
packets to be filtered based on the IPv6 ACL attached to the group.
The read viewname | write viewname parameter is optional. It indicates that users who belong to this
group have either read or write access to the MIB.
The notify view allows administrators to restrict the scope of varbind objects that will be part of the
notification. All of the varbinds need to be in the included view for the notification to be created.
The viewname variable is the name of the view to which the SNMP group members have access. If no
view is specified, then the group has no access to the MIB.

Defining the UDP port for SNMP v3 traps

The SNMP host command enhancements allow configuration of notifications in SMIv2 format, with or
without encryption, in addition to the previously supported SMIv1 trap format.
You can define a port that receives the SNMP v3 traps by entering a command such as the following.
device(config)#snmp-server host 192.168.4.11 version v3 auth security-name port 4/1
Syntax: [no] snmp-server host ip-addr | ipv6-addr version [v1 | v2c community-string | v3 auth |
noauth | priv security-name ] [ port trap-UDP-port-number ]
The ip-addr parameter specifies the IP address of the host that will receive the trap.
For version , indicate one of the following
For SNMP version 1, enter v1 and the name of the community string ( community-string ). This string
is encrypted within the system.
156
SNMP v3 configuration examples on page 160. Then enter a command such as
FastIron Ethernet Switch Administration Guide
53-1003625-01