Cisco ASR 9000 Series User Configuration Manual page 395
Aggregation services router
Hide thumbs
Also See for ASR 9000 Series:
- Command reference manual (1138 pages) ,
- Routing configuration manual (702 pages) ,
- Reference manual (696 pages)
Table of Contents
Advertisement
Implementing SNMP
The user must belong to a noauth group before a noAuthNoPriv user can be created.
Note
Only one remote host can be assigned to the same username for SNMP version 3. If you configure the same
username with different remote hosts, only the last username and remote host combination will be accepted
and will be seen in the show running configuration. In the case of multiple SNMP managers, multiple unique
usernames are required.
This example shows the same username case which only the last configuration will be accepted:
snmp-server user username
<password> priv aes 128 <password>
snmp-server user username nervectrgrp remote 10.214.127.2 udp-port 162 v3 auth sha <password>
priv aes 128
snmp-server user username
<password> priv aes 128 <password>
RP/0/RSP0/CPU0:router# show run snmp-server user
snmp-server user username nervectrgrp remote 10.69.236.147 udp-port 162 v3 auth sha
encrypted <password> priv aes 128 encrypted <password>
This example shows all 3 hosts for username1, username2, and username3 will be accepted.
:
snmp-server user username1
<password> priv aes 128 <password>
snmp-server user username2
<password> priv aes 128
snmp-server user username3
<password> priv aes 128 <password>
RP/0/RSP0/CPU0:router# show run snmp-server user
snmp-server user batmanusr1 nervectrgrp remote 10.69.236.146 udp-port 162 v3 auth sha
encrypted <password> priv aes 128 encrypted <password>
snmp-server user batmanusr2 nervectrgrp remote 10.214.127.2 udp-port 162 v3 auth sha
encrypted <password> priv aes 128 encrypted <password>
snmp-server user batmanusr3 nervectrgrp remote 10.69.236.147 udp-port 162 v3 auth sha
encrypted <password> priv aes 128 encrypted <password>
This example shows how to verify the attributes that apply to the SNMP user:
RP/0/RSP0/CPU0:router# show snmp user
User name: noauthuser
Engine ID: localSnmpID
storage-type: nonvolatile active
Given the following SNMPv3 view and SNMPv3 group configuration:
!
snmp-server view SNMP_VIEW1 1.3.6.1.2.1.1 included
snmp-server group SNMP_GROUP1 v3 auth notify SNMP_VIEW1 read SNMP_VIEW1 write SNMP_VIEW1
!
This example shows how to create a user with authentication (including encryption), read, and write view
access to a system group:
config
snmp-server user userv3authpriv SNMP_GROUP1 v3 auth md5 password123 priv aes 128 password123
nervectrgrp remote 10.69.236.146 udp-port 162 v3 auth sha
<password>
nervectrgrp remote 10.69.236.147 udp-port 162 v3 auth sha
nervectrgrp remote 10.69.236.146 udp-port 162 v3 auth sha
nervectrgrp remote 10.214.127.2 udp-port 162 v3 auth sha
<password>
nervectrgrp remote 10.69.236.147 udp-port 162 v3 auth sha
Cisco ASR 9000 Series Aggregation Services Router System Management Configuration Guide, Release 5.1.x
Configuring SNMPv3: Examples
377
Advertisement
Table of Contents
Troubleshooting
