Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Configuring SNMP

Hello:

Currently I have SNMP configured on all my routers and switches.  The config I have used on them has been a snipit I created over 5 years ago.  A lot has changed in that time...  I need to reconfigure all of my devices.  My goal is to use SNMP v3 and configure the devices so they would only send and receive data to my 2 monitoring stations.  I also don't want them to respond to random queries if someone was trying to do an SNMP sniff of the network.

Any advice anyone would have would be greatly appreciated.

Harrison

1 REPLY

Re: Configuring SNMP

Here is an example requiring authorization and privacy passwords, this means credentials and data are encrypted.

access-list 20 permit a.b.c.d

access-list 20 permit a2.b2.c2.d2

snmp-server view Everything iso included
snmp-server view Everything internet.6.3.15 excluded
snmp-server view Everything internet.6.3.16 excluded
snmp-server view Everything internet.6.3.18 excluded

snmp-server group ReadWrite v3 priv read Everything write Everything
snmp-server user snmpAdmin ReadWrite v3 auth sha authPassword priv des56 privPassword access 20

Now you could use NET-SNMP snmpwalk like the following and it should work for devices in access-list 20

> snmpwalk -v 3 -l authpriv -u snmpAdmin -a sha -A authPassword -x DES -X privPassword sysObjectID

For the privacy you will require a k9 version of IOS for encryption.  You may also want to use encryption stronger than  des56, use '?' to see your other options.

177
Views
5
Helpful
1
Replies
CreatePlease to create content