Controlling Management Access to the ProCurve Secure Router
Using SNMP to Manage the ProCurve Secure Router
2-52
Specifying the Engine ID for a Remote Server
When you configure a username to grant a user access to the ProCurve Secure
Router, you can specify that the user's account is stored on a remote server.
(See "Configure SNMP Users" on page 2-58.) In this case, you must first specify
the remote server's engine ID. Enter this command from the global
configuration mode context:
Syntax: snmp-server engineID remote <IP address> <hex string>
Replace <hex string> with 24 hexadecimal characters.
Configuring SNMP Views
In SNMP, the network devices to be monitored are configured as views. A view
consists of one or more network objects that can monitored. When you
configure a view, you specify included or excluded objects. If an object is not
specified in the view, it is excluded by default. A given object can be included
in or excluded from any number of views, as needed.
An object is identified by its OID in the network's MIB. The OID is a hierarchal
string of numbers—for example, 1.4.6.2.8 would identify a specific subtree,
and 1.4.6.2.8.* would identify an entire subtree family.
Management access to a view is controlled in two ways:
Community strings—The community string serves as a password that
SNMP users must provide in order to manage the objects in a view. When
you create a community string, you specify the view that the community
string applies to. (See "Configuring SNMP Traps and Informs" on page
2-60.)
Group membership—When you create an SNMP group, you specify one
or more views that the group (and its member users) has access to. (See
"Create an SNMP Group" on page 2-56.)
When you assign views to a group, you can specify each view as one of three
types:
Read view—allows the group members to read (monitor) event notifica-
tions received from the network devices within the view
Write view—allows the group members to write to (perform management
functions for) network devices within the view
Notify view—allows you to configure notify, inform, or trap event notifi-
cations for devices within the view