HP 6125G Command Reference Manual page 90
Network management and monitoring
Hide thumbs
Also See for 6125G:
- Command reference manual (426 pages) ,
- Configuration manual (379 pages) ,
- Release note (60 pages)
Table of Contents
Advertisement
acl ipv6 ipv6-acl-number: Specifies a basic ACL to filter NMSs by source IPv6 address. The
ipv6-acl-number argument represents a basic ACL number in the range of 2000 to 2999. Only the NMSs
with the IPv6 addresses permitted in the ACL can use the specified username to access the SNMP agent.
local: Represents a local SNMP entity user.
engineid engineid-string: Specifies the SNMP engine ID as a hexadecimal string. The engineid-string
argument must comprise an even number of hexadecimal characters, in the range of 10 to 64. All-zero
and all-F strings are invalid.
Description
Use snmp-agent usm-user v3 to create an SNMPv3 user in an SNMP group.
Use undo snmp-agent usm-user v3 to delete an SNMPv3 user from an SNMP group.
You must create an SNMPv3 user for the agent and the NMS to use SNMPv3.
You must create an SNMP group before you assign an SNMP user to the group. Otherwise, the user
cannot take effect after it is created. An SNMP group can contain multiple users. It defines SNMP objects
accessible to the group of users in the MIB view and specifies whether to enable authentication and
privacy functions. The authentication and encryption algorithms are defined when a user is created.
You can use the snmp-agent calculate-password command to obtain a hexadecimal ciphertext string for
the pri-password argument in the snmp-agent usm-user v3 cipher command. To make the calculated
cipher text password applicable to the snmp-agent usm-user v3 cipher command, make sure the same
privacy protocol is specified for the two commands and the local engine ID specified in the snmp-agent
usm-user v3 cipher command is consistent with the SNMP entity engine ID specified in the snmp-agent
calculate-password command.
When you execute this command repeatedly to configure the same user (the usernames are the same, no
limitation to other keywords and arguments), the last configuration takes effect.
For secrecy, both plaintext and ciphertext keys are saved in cipher text. Remember the username and the
plaintext password when you create a user. A plaintext password is required when the NMS accesses the
SNMP agent.
Related commands: snmp-agent calculate-password, snmp-agent group, and snmp-agent usm-user
{ v1 | v2c }.
Examples
# Add the user testUser to the SNMPv3 group testGroup. Configure the security model as authentication
without privacy, the authentication algorithm as MD5, and the plain-text key as authkey.
<Sysname> system-view
[Sysname] snmp-agent group v3 testGroup authentication
[Sysname] snmp-agent usm-user v3 testUser testGroup authentication-mode md5 authkey
•
Set the SNMP version on the NMS to SNMPv3.
Fill in the username testUser.
•
Set the authentication algorithm to MD5.
•
Set the authentication encrypted key to authkey.
•
Establish a connection, and the NMS can access the MIB objects in the default view (ViewDefault)
•
on the device.
# Add the user testUser to the SNMPv3 group testGroup. Configure the security model as authentication
and privacy, the authentication algorithm as MD5, the privacy algorithm as DES56, the plain-text
authentication key as authkey, and the plain-text privacy key as prikey.
84
Advertisement
Table of Contents
