Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
13454
Views
5
Helpful
5
Replies

SNMP v3 configuration

Go to solution
cris_jimenez
Level 2
Level 2

‎10-05-2009 11:11 AM

Hello folks

could you guys please tell me if you know some documents on how to configure SNMPv3 ?

this is the only one i've found so far

http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html#wp19524

but i need to understand how to get the engineID and all of that what's required what's not and maybe some configuration examples

thank you

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎10-05-2009 11:23 AM

This document may help:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094489.shtml

The engineID should be pre-assigned, and can be obtained with the command:

show snmp engineID

The Local SNMP engineID can then be used in your SNMP managers.

Essentially, all you need to allow a manager to poll your device is an SNMPv3 group and an SNMPv3 user. The simplest working config is:

snmp-server group v3group v3 auth

snmp-server user v3user v3group v3 auth md5 v3user123

View solution in original post

5 Replies 5

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎10-05-2009 11:23 AM

This document may help:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094489.shtml

The engineID should be pre-assigned, and can be obtained with the command:

show snmp engineID

The Local SNMP engineID can then be used in your SNMP managers.

Essentially, all you need to allow a manager to poll your device is an SNMPv3 group and an SNMPv3 user. The simplest working config is:

snmp-server group v3group v3 auth

snmp-server user v3user v3group v3 auth md5 v3user123

Go to solution
cris_jimenez
Level 2
Level 2
In response to Joe Clarke

‎10-05-2009 11:44 AM

Thank you Joe

I was wondering how do you know the engine ID of the management station, like What's up gold ?

what happen when you set a remote engine id on the device ?

this is an optional step, but i don't know what it does

thanks

0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to cris_jimenez

‎10-05-2009 12:01 PM

You would have to check with Ipswitch. You will only need to set a remote engineID if you are going to be using SNMP informs. With informs, the manager becomes the authoritative engine, and thus the agent has to send the informs with its engineID.

0 Helpful

Go to solution
cris_jimenez
Level 2
Level 2
In response to Joe Clarke

‎10-06-2009 06:55 AM

Joe

i configured the 2 lines for testing purposes on 1 switch

when i issue a show run | i snmp-server

rkl1r324s3750Fa#sh run | i snmp

snmp-server group v3group v3 auth

snmp-server community netmonr RO

snmp-server community netmonrw RW

the command where i set the user doesn't show up, is that ok ?

i'm also running snmp v2c at this point

thanks

0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to cris_jimenez

‎10-06-2009 08:07 AM

This is expected. Per the SNMPv3 spec, the user cannot appear in the config as even the hashed credentials cannot be displayed. If you want to confirm your user is configured, use "show snmp user".

If you've configured a user, you're actually running SNMPv1, v2c, and v3.

0 Helpful
Customers Also Viewed These Support Documents