Using Snmp For Switch Security; Community Strings (Snmpv1 And Snmpv2); Configuring Community Strings - Alcatel-Lucent OmniSwitch AOS Release 7 Manual

Switch management guide

Hide thumbs Also See for OmniSwitch AOS Release 7:

Manual (720 pages)

Manual (30 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

page of 204

/ 204
Contents
Table of Contents
Bookmarks

Table of Contents

Using SNMP For Switch Security

Community Strings (SNMPv1 and SNMPv2)

The switch supports the SNMPv1 and SNMPv2c community strings security standard. When a commu-

nity string is carried over an incoming SNMP request, the community string must match up with a user

account name as listed in the community string database on the switch. Otherwise, the SNMP request will

not be processed by the SNMP agent in the switch.

Configuring Community Strings

To use SNMPv1 and v2 community strings, each user account name must be mapped to an SNMP

community string. Follow these steps:

Create a user account on the switch and define its password. Enter the following CLI syntax to create

the account "community_user1".

-> user community_user1 password ******* no auth

Note. A community string inherits the security privileges of the user account that creates it.

A user account can be created locally on the switch by using CLI commands. For detailed information on

setting up user accounts, refer to the "Using Switch Security" chapter of this manual.

Map the user account to a community string.

A community string works like a password so it is defined by the user. It can be any text string up to 32

characters in length. If spaces are part of the text, the string must be enclosed in quotation marks (" "). The

following CLI command maps the username "community_user1" to the community string "comstring2".

-> snmp community map comstring2 user community_user1 enable

Verify that the community string mapping mode is enabled.

By default, the community strings database is enabled. (If community string mapping is not enabled, the

community string configuration will not be checked by the switch.) If the community string mapping

mode is disabled, use the following command to enable it.

-> snmp community map mode enable

Note. Optional. To verify that the community string is properly mapped to the username, enter the

show snmp community-map

->show snmp community map

Community mode : enabled

status

community string

--------+--------------------------------+--------------------------------

enabled

comstring2

This display also verifies that the community map mode is enabled.

page 9-10

command. The display is similar to the one shown here:

OmniSwitch AOS Release 7 Switch Management Guide

user name

community_user1

Using SNMP

March 2011

Table of Contents

This manual is also suitable for:

Omniswitch aos 7

Using Snmp For Switch Security; Community Strings (Snmpv1 And Snmpv2); Configuring Community Strings - Alcatel-Lucent OmniSwitch AOS Release 7 Manual

Using SNMP For Switch Security

Community Strings (SNMPv1 and SNMPv2)

Configuring Community Strings

Related Manuals for Alcatel-Lucent OmniSwitch AOS Release 7

Related Content for Alcatel-Lucent OmniSwitch AOS Release 7

This manual is also suitable for:

Table of Contents