Administrator Guide
Switch Management Commands 2141
User Guidelines
If you want to use SNMPv3, an engine ID is required for the switch. You can
specify your own ID or use the default string that is generated using the MAC
address of the device. If the SNMPv3 engine ID is changed, or the
configuration file is erased, then SNMPv3 cannot be used until the SNMPv3
users are reconfigured. Since the EngineID must be unique within an
administrative domain, the following guidelines are recommended:
1
For standalone devices use the default keyword to configure the Engine
ID.
2
For stackable systems, configure your own EngineID, and verify that is
unique within your administrative domain.
Changing the value of the snmpEngineID has important side-effects. A user's
password (entered on the command line) is converted to an MD5 or SHA
security digest. This digest is based on both the password and the local engine
ID. The command line password is then deleted and is not stored on the
switch, as required by RFC 2274. Because of this deletion, if the local value of
engineID changes, the security digests of SNMPv3 users will be invalid and
the users will have to be reconfigured.
Example
The following example configures the Engine ID automatically.
console(config)# snmp-server engineID local default
snmp-server filter
Use the snmp-server filter command in Global Configuration mode to create
or update a Simple Network Management Protocol (SNMP) server filter
entry. To remove the specified SNMP server filter entry, use the no form of
this command.
Syntax
snmp-server filter filter-name oid-tree {included | excluded}
no snmp-server filter filter-name [oid-tree]
• filter-name — Specifies the label for the filter record that is being
updated or created. The name is used to reference the record. (Range: 1-
30 characters.)