Configuring SNMP
Users
SNMPv3 uses the User-based Security Model (USM) for security, and the View-based Access
Control Model (VACM) for access control. USM uses the HMAC-MD5-96 and HMAC-SHA-96
protocols for user authentication, and the CBC-DES56 protocol for encryption or privacy.
An unlimited number of uses can access SNMPv3 at the same time.
SNMP security levels
NoAuthNoPriv — This is the lowest level of SNMPv3 security. No Message
●
Authentication Code (MAC) is provided with the message, and no encryption is performed.
This method maintains the same security level as SNMPv1, but provides a method for
limiting the access rights of the user.
AuthNoPriv — User authentication is performed based on MD5 or SHA algorithms. The
●
message is sent with an HMAC that is calculated with the user key. The data part is sent
unencrypted.
AuthPriv — User authentication is performed based on MD5 or SHA algorithms. The
●
message is sent in encrypted MAC that is calculated with the user key, and the data part is
sent with DES56 encryption using the user key.
SNMP-server user command
Use the snmp-server user command to create a user or to change the parameters of an
existing user. This command includes the following parameters:
Username — A string of up to 32 characters representing the name of the user.
●
Groupname — A string of up to 32 characters representing the name of the group with
●
which the user is associated.
SecurityModel — The SNMP version functionality that the user is authorized to use.
●
Possible values are: v1 (SNMPv1), v2c (SNMPv2c), and v3 (SNMPv3).
Authentication Protocol — The authentication protocol to use. Possible values are:
●
noAuth (no authentication), md5 (HMAC MD5), and sha (HMAC SHA-1).
Authentication Password — A string of between 8 and 64 characters specifying the
●
user's authentication password. The authentication password is transformed using the
authentication protocol and the SNMP engine ID to create an authentication key.
Privacy Protocol — The privacy protocol to use. Possible values are: No privacy,
●
DES privacy.
Privacy Password — A string of between 8 and 64 characters specifying the user's
●
privacy password.
292 Administration for the Avaya G250 and Avaya G350 Media Gateways