Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
596
Views
9
Helpful
7
Replies

some SNMP commands

att-sgcops
Level 1
Level 1

‎02-06-2006 08:39 AM - edited ‎03-03-2019 11:40 AM

Have read cisco command reference, but still not able to understand command

snmp-server engineID remote|local

snmp-server user

snmp group

can someone show the example?

thanks

Labels:
0 Helpful
7 Replies 7

pkhatri
Level 11
Level 11

‎02-06-2006 07:00 PM

snmp-server engineID local|remote:

----------------------------------

Within the SNMP framework, the SNMP engine is the entity that sends/receives SNMP messages. The engine also performs message authentication and encryption. The engine ID is simply an identifier for the engine. Typically, you do not need to specify an engine ID as the router will use a default ID. The local ID is important because it is used as an input when creating security digests for user passwords. You will only configure a remote engine ID when you are sending SNMPv3 traps (informs) to another SNMP engine. In that case, you have to use the remote engine's ID to create the security digest. The 'snmp-server engineID local|remote' commands are used to configure these IDs, if required. If you don't have the correct remote engine ID, the security digest will be incorrect and the SNMP inform will simply be discarded by the remote engine.

snmp-server user

----------------

This command is used to create usernames/passwords that can be used by other SNMP engines to authenticate when they try to access the local router via SNMP. It's a better form of security than using just communities

snmp-server group

----------------

YOu can use this command to create SNMP groups to which you can then assign users. For example, if you have a certain set of users who you would like to provide restricted SNMP access to, you can create a group with the appropriate privileges. You then assign users to these groups so that they inherit these privileges. You can have multiple groups...

Hope that helps - pls rate the post if it does.

Paresh

rezaalikhani
Level 3
Level 3
In response to pkhatri

‎08-19-2006 05:29 AM

when we set the snmp engine ID, what is the ID and how can get it?

P.S. I am using Cisco switch 3550

0 Helpful

devang_etcom
Level 7
Level 7
In response to rezaalikhani

‎08-19-2006 05:46 AM

engine ID is the 24 character long...if you do not specify the entire 24 charecter then it will padd zeroes on the right...

you are configuring engine id by your own...

and its used to compute various cryptographic keys...

hope this is help you

rate this post it it helps

regards

Devang

0 Helpful

rezaalikhani
Level 3
Level 3
In response to devang_etcom

‎08-19-2006 05:55 AM

thanks for your reply!

You mean every characters I can use? Can I copy another engine ID on another system and use it in my switch?

thanks

0 Helpful

devang_etcom
Level 7
Level 7
In response to rezaalikhani

‎08-19-2006 06:08 AM

you can use engine ID like this:

Local SNMP engineID: 00000009020000000C025808

Remote Engine ID IP-addr Port

123456789ABCDEF000000000 171.69.37.61 162

and i think this engineID identify the local SNMP engine and remote engine configured with the their own remote engine ID...

you can have more detail form this link:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_r/frprt3/frd3001.htm#wp1052829

rate this post if it helps

regards

Devang

rezaalikhani
Level 3
Level 3
In response to devang_etcom

‎08-19-2006 06:17 AM

Can I copy another engine ID on another system and use it in my switch?

0 Helpful

rezaalikhani
Level 3
Level 3
In response to devang_etcom

‎08-20-2006 02:08 AM

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card