Owner manual
Table Of Contents
- Contents
- Figures
- Tables
- Preface
- Section I
- Basic Operations
- Chapter 1
- Overview
- Chapter 2
- Enhanced Stacking
- Chapter 3
- SNMPv1 and SNMPv2c
- Chapter 4
- MAC Address Table
- Chapter 5
- Static Port Trunks
- Chapter 6
- LACP Port Trunks
- Chapter 7
- Port Mirror
- Section II
- Advanced Operations
- Chapter 8
- File System
- Chapter 9
- Event Logs and the Syslog Client
- Chapter 10
- Classifiers
- Chapter 11
- Access Control Lists
- Chapter 12
- Class of Service
- Chapter 13
- Quality of Service
- Chapter 14
- Denial of Service Defenses
- Chapter 15
- Power Over Ethernet
- Section III
- Snooping Protocols
- Chapter 16
- IGMP Snooping
- Chapter 17
- MLD Snooping
- Chapter 18
- RRP Snooping
- Chapter 19
- Ethernet Protection Switching Ring Snooping
- Section IV
- SNMPv3
- Chapter 20
- SNMPv3
- Section V
- Spanning Tree Protocols
- Chapter 21
- Spanning Tree and Rapid Spanning Tree Protocols
- Chapter 22
- Multiple Spanning Tree Protocol
- Section VI
- Virtual LANs
- Chapter 23
- Port-based and Tagged VLANs
- Chapter 24
- GARP VLAN Registration Protocol
- Chapter 25
- Multiple VLAN Modes
- Chapter 26
- Protected Ports VLANs
- Chapter 27
- MAC Address-based VLANs
- Section VII
- Routing
- Chapter 28
- Internet Protocol Version 4 Packet Routing
- Supported Platforms
- Overview
- Routing Interfaces
- Interface Names
- Static Routes
- Routing Information Protocol (RIP)
- Default Routes
- Equal-cost Multi-path (ECMP) Routing
- Routing Table
- Address Resolution Protocol (ARP) Table
- Internet Control Message Protocol (ICMP)
- Routing Interfaces and Management Features
- Local Interface
- AT-9408LC/SP AT-9424T/GB, and AT-9424T/SP Switches
- Routing Command Example
- Non-routing Command Example
- Upgrading from AT-S63 Version 1.3.0 or Earlier
- Chapter 29
- BOOTP Relay Agent
- Chapter 30
- Virtual Router Redundancy Protocol
- Section VIII
- Port Security
- Chapter 31
- MAC Address-based Port Security
- Chapter 32
- 802.1x Port-based Network Access Control
- Section IX
- Management Security
- Chapter 33
- Web Server
- Chapter 34
- Encryption Keys
- Chapter 35
- PKI Certificates and SSL
- Chapter 36
- Secure Shell (SSH)
- Chapter 37
- TACACS+ and RADIUS Protocols
- Chapter 38
- Management Access Control List
- Appendix A
- AT-S63 Management Software Default Settings
- Address Resolution Protocol Cache
- Boot Configuration File
- BOOTP Relay Agent
- Class of Service
- Denial of Service Defenses
- 802.1x Port-Based Network Access Control
- Enhanced Stacking
- Ethernet Protection Switching Ring (EPSR) Snooping
- Event Logs
- GVRP
- IGMP Snooping
- Internet Protocol Version 4 Packet Routing
- MAC Address-based Port Security
- MAC Address Table
- Management Access Control List
- Manager and Operator Account
- Multicast Listener Discovery Snooping
- Public Key Infrastructure
- Port Settings
- RJ-45 Serial Terminal Port
- Router Redundancy Protocol Snooping
- Server-based Authentication (RADIUS and TACACS+)
- Simple Network Management Protocol
- Simple Network Time Protocol
- Spanning Tree Protocols (STP, RSTP, and MSTP)
- Secure Shell Server
- Secure Sockets Layer
- System Name, Administrator, and Comments Settings
- Telnet Server
- Virtual Router Redundancy Protocol
- VLANs
- Web Server
- Appendix B
- SNMPv3 Configuration Examples
- Appendix C
- Features and Standards
- 10/100/1000Base-T Twisted Pair Ports
- Denial of Service Defenses
- Ethernet Protection Switching Ring Snooping
- Fiber Optic Ports (AT-9408LC/SP Switch)
- File System
- DHCP and BOOTP Clients
- Internet Protocol Multicasting
- Internet Protocol Version 4 Routing
- MAC Address Table
- Management Access and Security
- Management Access Methods
- Management Interfaces
- Management MIBs
- Port Security
- Port Trunking and Mirroring
- Spanning Tree Protocols
- System Monitoring
- Traffic Control
- Virtual LANs
- Virtual Router Redundancy Protocol
- Appendix D
- MIB Objects
- Index
Chapter 20: SNMPv3
214 Section IV: SNMPv3
“SNMPv3 Target Parameters Table” on page 215
“SNMPv3 Community Table” on page 215
SNMPv3 User
Table
The Configure SNMPv3 User Table menu allows you to create an
SNMPv3 user and provides the options of configuring authentication and
privacy protocols. With the SNMPv3 protocol, users are authenticated
when they send and receive messages. In addition, you can configure a
privacy protocol and password so messages a user sends and receives
are encrypted. The DES privacy algorithm uses the privacy password and
the Engine ID to generate a key that is used for encryption. Lastly, you can
configure a storage type for this table entry which allows you to save this
user and its related configuration to flash memory.
SNMPv3 View
Table
The Configure SNMPv3 View Table menu allows you to create a view of
the MIB OID Table. First, you configure a view of a subtree. Then you
have the option of configuring a Subtree Mask that further refines the
subtree view. For example, you can use a Subtree Mask to restrict a
user’s view to one row of the MIB OID Table. In addition, you can chose to
include or exclude a view. As a result, you can let a user see a particular
view or prevent a user from seeing a particular view. Lastly, you can
configure a storage type for this table entry which allows you to save this
view to flash memory.
SNMPv3 Access
Table
The Configure SNMPv3 Access Table menu allows you to configure a
security group. After you create a security group, you assign a set of users
with the same access privileges to this group using the SNMPv3
SecurityToGroup Table. Consider the types of groups you want to create
and the types of access privileges each group will have. In this way, you
can more easily keep track of your users as belonging to one or two
groups.
For each group, you can assign read, write, and notify views of the MIB
table. The views you assign here have been previously defined in the
Configure SNMPv3 View Table menu. For example, the Read View allows
group members to view the specified portion of the OID MIB table. The
Write View allows group members to write to, or modify, the MIBs in the
specified MIB view. The Notify View allows group members to send trap
messages defined by the MIB view. Lastly, you can configure a storage
type for this table entry which allows you to save this view to flash
memory.
SNMPv3
SecurityToGroup
Table
The Configure SNMPv3 SecurityToGroup Table menu allows you to
associate a User Name with a security group called a Group Name. The
User Name is previously configured with the Configure SNMPv3 User
Table menu. The security group is previously configured with the
Configure SNMPv3 Access Table menu. Lastly, you can configure a
storage type for this table entry which allows you to save the entry to flash
memory.