Snmp-Agent Usm-User V3 - H3C S5120-SI Series Command Reference Manual
Hide thumbs
Also See for S5120-SI Series:
- Configuration manual (745 pages) ,
- Operation manual (697 pages) ,
- Command reference manual (209 pages)
Table of Contents
Advertisement
allow or prohibit SNMP packets with a specific source IP address, so as to allow or prohibit the specified
NMS to access the agent by using this user name.
Description
Use the snmp-agent usm-user { v1 | v2c } command to add a user to an SNMP group.
Use the undo snmp-agent usm-user { v1 | v2c } command to delete a user from an SNMP group.
As defined in the SNMP protocol, in SNMPv1 and SNMPv2c networking applications, the NMS and the
agent use community name to authenticate each other; in SNMPv3 networking applications, they use
user name to authenticate each other. If you prefer using the user name in the authentication, the
device supports configuration of SNMPv1 and SNMPv2c users. Creating an SNMPv1 or SNMPv2c user
equals adding of a new read-only community name. After you add the user name into the read-only
community name field of the NMS, the NMS can establish SNMP connection with the device.
To make the configured user take effect, create an SNMP group first.
Related commands: snmp-agent group, snmp-agent community, snmp-agent usm-user v3.
Examples
# Create a v2c user userv2c in group readCom.
<Sysname> system-view
[Sysname] snmp-agent sys-info version v2c
[Sysname] snmp-agent group v2c readCom
[Sysname] snmp-agent usm-user v2c userv2c readCom
Set the SNMP version on the NMS to SNMPv2c
Fill in the read community name userv2c, and then the NMS can access the agent
# Create a v2c user userv2c in group readCom, allowing only the NMS with the IP address of
1.1.1.1 to access the agent by using this user name; other NMSs are not allowed to access the
agent by using this user name.
<Sysname> system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 1.1.1.1 0.0.0.0
[Sysname-acl-basic-2001] rule deny source any
[Sysname-acl-basic-2001] quit
[Sysname] snmp-agent sys-info version v2c
[Sysname] snmp-agent group v2c readCom
[Sysname] snmp-agent usm-user v2c userv2c readCom acl 2001
Set the IP address of the NMS to 1.1.1.1
Set the SNMP version on the NMS to SNMPv2c
Fill in both the read community and write community options with userv2c, and then the NMS can
access the agent.
snmp-agent usm-user v3
Syntax
snmp-agent usm-user v3 user-name group-name [ cipher ] [ authentication-mode { md5 | sha }
auth-password [ privacy-mode { 3des | aes128 | des56 } priv-password ] ] [ acl acl-number ]
undo snmp-agent usm-user v3 user-name group-name { local | engineid engineid-string }
1-27
Advertisement
Chapters
Table of Contents
