Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SNMP v3 configuration

Hello folks

could you guys please tell me if you know some documents on how to configure SNMPv3 ?

this is the only one i've found so far

http://www.cisco.com/en/US/docs/ios/12_0t/12_0t3/feature/guide/Snmp3.html#wp19524

but i need to understand how to get the engineID and all of that what's required what's not and maybe some configuration examples

thank you

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: SNMP v3 configuration

This document may help:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094489.shtml

The engineID should be pre-assigned, and can be obtained with the command:

show snmp engineID

The Local SNMP engineID can then be used in your SNMP managers.

Essentially, all you need to allow a manager to poll your device is an SNMPv3 group and an SNMPv3 user. The simplest working config is:

snmp-server group v3group v3 auth

snmp-server user v3user v3group v3 auth md5 v3user123

5 REPLIES
Cisco Employee

Re: SNMP v3 configuration

This document may help:

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094489.shtml

The engineID should be pre-assigned, and can be obtained with the command:

show snmp engineID

The Local SNMP engineID can then be used in your SNMP managers.

Essentially, all you need to allow a manager to poll your device is an SNMPv3 group and an SNMPv3 user. The simplest working config is:

snmp-server group v3group v3 auth

snmp-server user v3user v3group v3 auth md5 v3user123

New Member

Re: SNMP v3 configuration

Thank you Joe

I was wondering how do you know the engine ID of the management station, like What's up gold ?

what happen when you set a remote engine id on the device ?

this is an optional step, but i don't know what it does

thanks

Cisco Employee

Re: SNMP v3 configuration

You would have to check with Ipswitch. You will only need to set a remote engineID if you are going to be using SNMP informs. With informs, the manager becomes the authoritative engine, and thus the agent has to send the informs with its engineID.

New Member

Re: SNMP v3 configuration

Joe

i configured the 2 lines for testing purposes on 1 switch

when i issue a show run | i snmp-server

rkl1r324s3750Fa#sh run | i snmp

snmp-server group v3group v3 auth

snmp-server community netmonr RO

snmp-server community netmonrw RW

the command where i set the user doesn't show up, is that ok ?

i'm also running snmp v2c at this point

thanks

Cisco Employee

Re: SNMP v3 configuration

This is expected. Per the SNMPv3 spec, the user cannot appear in the config as even the hashed credentials cannot be displayed. If you want to confirm your user is configured, use "show snmp user".

If you've configured a user, you're actually running SNMPv1, v2c, and v3.

4036
Views
0
Helpful
5
Replies