Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

SNMP v3 noAuthNoPriv for MDS 9124

Hi all,

I am testing against an MDS 9124 at 3.2(3a), and have not been able to communicate to the switch using SNMP v3 noAuthNoPriv. I have configured an SNMP user with noAuthNoPriv as a member of the network-admin group, using the following command:

snmp-server user test_1 network-admin

All attempts to query the switch with this user result in an authorization failure.

Any ideas on what I am missing in the configuration?

Thank you!

--andrea

2 REPLIES
Cisco Employee

Re: SNMP v3 noAuthNoPriv for MDS 9124

Andrea,

The MDS has 2 logins types that should automatically sync with each other. If you create a CLI user (for telnet and SSH), that same user should be generated for SNMP V3 access (Fabric and Device Manager). If you want to generate an SNMP user called test_1 and provide network-admin role, the command is something like this. (I don't have access to MDS at the moment due to a lab move so I can not confirm the exact command.)

snmp-server user test_1 role network-admin

You need to provide the password, and specify that role is network-admin. As you enter the command, you can use the ? to see what the next possible parameter might be. IE: 'snmp-server user test_1 ?' should show you that the next entry might be the password.

Once entered, if you enter the command 'show snmp users' you should see test_1 appear like the admin user and both should show network-admin.

Also as a result of the snmp-server user being created, a CLI user should be created with the same password and role. This is seen with the 'show user-account' display command.

Hope this helps,

Mike

New Member

Re: SNMP v3 noAuthNoPriv for MDS 9124

Hi Mike,

Thank you so much for your reply!

I have found that if I want to create a user with noAuthNoPriv SNMP V3 access, I cannot give the user a password. If I give the user a password, then it automatically gives the user the authPriv level. Using the 'show snmp user' command this shows up as:

User Auth Priv(enforce) Groups

------ ---- ------------- ------

test_1 md5 des(no) network-admin

What I would like is a user with setting:

test_1 no no network-admin

I know this is probably not the normal usage of SNMP V3, but this is a test case I must cover since it is available in SNMP V3.

--andrea

953
Views
0
Helpful
2
Replies
CreatePlease to create content