10-05-2009 11:11 AM
Hello folks
could you guys please tell me if you know some documents on how to configure SNMPv3 ?
this is the only one i've found so far
http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html#wp19524
but i need to understand how to get the engineID and all of that what's required what's not and maybe some configuration examples
thank you
Solved! Go to Solution.
10-05-2009 11:23 AM
This document may help:
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094489.shtml
The engineID should be pre-assigned, and can be obtained with the command:
show snmp engineID
The Local SNMP engineID can then be used in your SNMP managers.
Essentially, all you need to allow a manager to poll your device is an SNMPv3 group and an SNMPv3 user. The simplest working config is:
snmp-server group v3group v3 auth
snmp-server user v3user v3group v3 auth md5 v3user123
10-05-2009 11:23 AM
This document may help:
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094489.shtml
The engineID should be pre-assigned, and can be obtained with the command:
show snmp engineID
The Local SNMP engineID can then be used in your SNMP managers.
Essentially, all you need to allow a manager to poll your device is an SNMPv3 group and an SNMPv3 user. The simplest working config is:
snmp-server group v3group v3 auth
snmp-server user v3user v3group v3 auth md5 v3user123
10-05-2009 11:44 AM
Thank you Joe
I was wondering how do you know the engine ID of the management station, like What's up gold ?
what happen when you set a remote engine id on the device ?
this is an optional step, but i don't know what it does
thanks
10-05-2009 12:01 PM
You would have to check with Ipswitch. You will only need to set a remote engineID if you are going to be using SNMP informs. With informs, the manager becomes the authoritative engine, and thus the agent has to send the informs with its engineID.
10-06-2009 06:55 AM
Joe
i configured the 2 lines for testing purposes on 1 switch
when i issue a show run | i snmp-server
rkl1r324s3750Fa#sh run | i snmp
snmp-server group v3group v3 auth
snmp-server community netmonr RO
snmp-server community netmonrw RW
the command where i set the user doesn't show up, is that ok ?
i'm also running snmp v2c at this point
thanks
10-06-2009 08:07 AM
This is expected. Per the SNMPv3 spec, the user cannot appear in the config as even the hashed credentials cannot be displayed. If you want to confirm your user is configured, use "show snmp user".
If you've configured a user, you're actually running SNMPv1, v2c, and v3.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide