Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

861

862

863

864

865

866

867

868

869

870

Creating a Community

For SNMPv1 and SNMPv2, create a community to enable the community-based security on the switch.

The management station generates requests to either retrieve or alter the value of a management object and is called the SNMP

manager. A network element that processes SNMP requests is called an SNMP agent. An SNMP community is a group of SNMP agents

and managers that are allowed to interact. Communities are necessary to secure communication between SNMP managers and agents;

SNMP agents do not respond to requests from management stations that are not part of the community.

The system enables SNMP automatically when you create an SNMP community and displays the following message. You must specify

whether members of the community may only retrieve values (read), or retrieve and alter values (read-write).

22:31:23: %SYSTEM-P:CP %SNMP-6-SNMP_WARM_START: Agent Initialized - SNMP WARM_START.

To choose a name for the community you create, use the following command.

• Choose a name for the community.

CONFIGURATION mode

snmp-server community name {ro | rw}

To view your SNMP configuration, use the show running-config snmp command from EXEC Privilege mode.

Dell(conf)#snmp-server community my-snmp-community ro

22:31:23: %SYSTEM-P:CP %SNMP-6-SNMP_WARM_START: Agent Initialized - SNMP WARM_START.

Dell#show running-config snmp

snmp-server community mycommunity ro

Setting Up User-Based Security (SNMPv3)

When setting up SNMPv3, you can set users up with one of the following three types of configuration for SNMP read/write operations.

Users are typically associated to an SNMP group with permissions provided, such as OID view.

• noauth — no password or privacy. Select this option to set up a user with no password or privacy privileges. This setting is the basic

configuration. Users must have a group and profile that do not require password privileges.

• auth — password privileges. Select this option to set up a user with password authentication.

• priv — password and privacy privileges. Select this option to set up a user with password and privacy privileges.

To set up user-based security (SNMPv3), use the following commands.

• Configure the user with view privileges only (no password or privacy privileges).

CONFIGURATION mode

snmp-server user name group-name 3 noauth

• Configure an SNMP group with view privileges only (no password or privacy privileges).

CONFIGURATION mode

snmp-server group group-name 3 noauth auth read name write name

• Configure an SNMPv3 view.

CONFIGURATION mode

snmp-server view view-name oid-tree {included | excluded}

NOTE:

To give a user read and write view privileges, repeat this step for each privilege type.

• Configure the user with an authorization password (password privileges only).

CONFIGURATION mode

snmp-server user name group-name 3 noauth auth md5 auth-password

• Configure an SNMP group (password privileges only).

CONFIGURATION mode

snmp-server group groupname {oid-tree} auth read name write name

• Configure an SNMPv3 view.

CONFIGURATION mode

snmp-server view view-name 3 noauth {included | excluded}

Simple Network Management Protocol (SNMP)

861