Chapter 23
Configuring SNMP
Beginning in privileged EXEC mode, follow these steps to configure a community string on the switch:
Command
Step 1
configure terminal
Step 2
snmp-server community string [view
view-name] [ro | rw] [access-list-number]
Step 3
access-list access-list-number {deny |
permit} source [source-wildcard]
Step 4
end
Step 5
show running-config
Step 6
copy running-config startup-config
To disable access for an SNMP community, set the community string for that community to the null
Note
string (do not enter a value for the community string).
OL-19808-01
Purpose
Enter global configuration mode.
Configure the community string.
The @ symbol is used for delimiting the context
Note
information. Avoid using the @ symbol as part of the
SNMP community string when configuring this command.
For string, specify a string that acts like a password and
•
permits access to the SNMP protocol. You can configure one
or more community strings of any length.
•
(Optional) For view, specify the view record accessible to the
community.
(Optional) Specify either read-only (ro) if you want
•
authorized management stations to retrieve MIB objects, or
specify read-write (rw) if you want authorized management
stations to retrieve and modify MIB objects. By default, the
community string permits read-only access to all objects.
(Optional) For access-list-number, enter an IP standard access
•
list numbered from 1 to 99 and 1300 to 1999.
(Optional) If you specified an IP standard access list number in
Step 2, then create the list, repeating the command as many times
as necessary.
•
For access-list-number, enter the access list number specified
in Step 2.
The deny keyword denies access if the conditions are
•
matched. The permit keyword permits access if the conditions
are matched.
For source, enter the IP address of the SNMP managers that
•
are permitted to use the community string to gain access to the
agent.
(Optional) For source-wildcard, enter the wildcard bits in
•
dotted decimal notation to be applied to the source. Place ones
in the bit positions that you want to ignore.
Recall that the access list is always terminated by an implicit deny
statement for everything.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Catalyst 2360 Switch Software Configuration Guide
Configuring SNMP
23-9