| Using the BayStack 5510 Switch
|
  
|
Using NNCLI commands to create an SNMPv3 view and user
Use the following procedure as a guide to using NNCLI commands to create or change a SNMPv3 access view and user:
- In the NNCLI, create a view using the following syntax:
| snmp-server view <view-name> <oid> |
| snmp-server view allView +1.3 |
| Specifying +1.3 allows you to access to everything on the switch in the OID tree. You can restrict access to a particular OID or to a section of the OID tree. For example: +1.3.6.1.6.3.1.1.5 limits the user to traps only. |
- In the NNCLI, create a user and define the authentication and privacy method:
- Syntax for no authentication and no privacy:
| snmp-server user <user-name> read-view <view-name> write-view <view-name> notify-view <view-name> |
| snmp-server user fbarnes read-view allView write-view allView notify-view allView |
- Syntax for MD5 authentication and no privacy:
| snmp-server user <user-name> md5 <authentication-password> read-view <view-name> write-view <view-name> notify-view <view-name> |
| snmp-server user fbarnes md5 myPass read-view allView write-view allView notify-view allView |
- Syntax for MD5 authentication and DES encryption:
| snmp-server user <user-name> md5 <authentication-password> des <privacy-password> read-view <view-name> write-view <view-name> notify-view <view-name> |
| snmp-server user fbarnes md5 myPass des myPass read-view allView write-view allView notify-view allView |
- Syntax for SHA authentication and no privacy:
| snmp-server user <user-name> sha <authentication-password> read-view <view-name> write-view <view-name> notify-view <view-name> |
| snmp-server user fbarnes sha myPass read-view allView write-view allView notify-view allView |
- Syntax for SHA authentication with DES encryption:
| snmp-server user <user-name> sha <authentication-password> des <privacy-password> read-view <view-name> write-view <view-name> notify-view <view-name> |
| For example: SHA authentication with DES encryption: |
| snmp-server user fbarnes sha myPass des myPass read-view allView write-view allView notify-view allView |
You cannot specify both md5 and sha authentication. You may use one or the other. If you wish to access your device using both authentication methods, then define a separate user for each.
- Set up a target address and parameter for user trap notification:
| For an authenticated user: |
| snmp-server host <trap-server-ip-address> v3 auth <user-name> |
| snmp-server host <trap-server-ip-address> v3 auth-priv <user-name> |