Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesFastIron

481

482

483

484

485

486

487

488

489

490

FastIron Configuration Guide 423

53-1002494-02

SNMP community strings

You can assign other SNMP community strings, and indicate if the string is encrypted or clear. By

default, the string is encrypted.

To add an encrypted community string, enter commands such as the following.

Brocade(config)#snmp-server community private rw

Brocade(config)#write memory

Syntax: snmp-server community [0 | 1] <string>

ro | rw [view <viewname>] [<standard-ACL-name> | <standard-ACL-id>]

The <string> parameter specifies the community string name. The string can be up to 32

characters long.

The ro | rw parameter specifies whether the string is read-only (ro) or read-write (rw).

NOTE

If you issue a no snmp-server community public ro command and then enter a write memory

command to save that configuration, the “public” community name is removed and will have no

SNMP access. If for some reason the device is brought down and then brought up, the “no

snmp-server community public ro” command is restored in the system and the “public” community

string has no SNMP access.

The 0 | 1 parameter affects encryption for display of the string in the running-config and the

startup-config file. Encryption is enabled by default. When encryption is enabled, the community

string is encrypted in the CLI regardless of the access level you are using. In the Web Management

Interface, the community string is encrypted at the read-only access level but is visible at the

read-write access level.

The encryption option can be omitted (the default) or can be one of the following:

• 0 – Disables encryption for the community string you specify with the command. The

community string is shown as clear text in the running-config and the startup-config file. Use

this option if you do not want the display of the community string to be encrypted.

• 1 – Assumes that the community string you enter is encrypted, and decrypts the value before

using it.

NOTE

If you want the software to assume that the value you enter is the clear-text form, and to encrypt

display of that form, do not enter 0 or 1. Instead, omit the encryption option and allow the software

to use the default behavior.

NOTE

If you specify encryption option 1, the software assumes that you are entering the encrypted form

of the community string. In this case, the software decrypts the community string you enter before

using the value for authentication. If you accidentally enter option 1 followed by the clear-text

version of the community string, authentication will fail because the value used by the software will

not match the value you intended to use.

The command in the example above adds the read-write SNMP community string “private”. When

you save the new community string to the startup-config file (using the write memory command),

the software adds the following command to the file.

snmp-server community 1 <encrypted-string> rw