R3166-R3206-HP High-End Firewalls System Management and Maintenance Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

161

162

163

164

165

166

167

168

169

170

160

undo snmp-agent usm-user v3 user-name group-name { local | engineid engineid-string }

View

System view

Default level

3: Manage level

Parameters

user-name: User name, a string of 1 to 32 characters. It is case sensitive.

group-name: Group name, a string of 1 to 32 characters. It is case sensitive.

cipher: Specifies that auth-password and priv-password are cipher text passwords, which can be

calculated by using the snmp-agent calculate-password command.

authentication-mode: Specifies the security model to be authentication. MD5 is faster than SHA, while

SHA provides a higher security than MD5.

• md5: Specifies the authentication protocol as MD5. For more information about MD5, see VPN

Configuration Guide.

• sha: Specifies the authentication protocol as SHA-1. For more information about SHA, see VPN

Configuration Guide.

auth-password: Authentication password. If the cipher keyword is not specified, auth-password indicates

a plain text password, which is a string of 1 to 64 visible characters. If the cipher keyword is specified,

auth-password indicates a cipher text password. If the md5 keyword is specified, auth-password is a

string of 32 hexadecimal characters. If the sha keyword is specified, auth-password is a string of 40

hexadecimal characters.

privacy-mode: Specifies the security model to be privacy. The three encryption algorithms AES, 3DES,

and DES are in descending order in terms of security. Higher security means more complex

implementation mechanism and lower speed. DES is enough to meet general requirements.

• 3des: Specifies the privacy protocol as 3DES. For more information about 3DES, see VPN

Configuration Guide.

• des56: Specifies the privacy protocol as DES. For more information about DES, see VPN

Configuration Guide.

• aes128: Specifies the privacy protocol as AES. For more information about AES, see VPN

Configuration Guide.

priv-password: The privacy password. If the cipher keyword is not specified, priv-password indicates a

plain text password, which is a string of 1 to 64 characters; if the cipher keyword is specified,

priv-password indicates a cipher text password; if the 3des keyword is specified, priv-password is a string

of 80 hexadecimal characters; if the aes128 keyword is specified, priv-password is a string of 40

hexadecimal characters; if the des56 keyword is specified, priv-password is a string of 40 hexadecimal

characters.

acl acl-number: Associates a basic ACL with the user. acl-number is in the range 2000 to 2999. By using

a basic ACL, you can restrict the source IP address of SNMP packets, that is, you can configure to allow

or prohibit SNMP packets with a specific source IP address, so as to allow or prohibit the specified NMS

to access the agent by using this user name.

local: Represents a local SNMP entity user.

engineid engineid-string: The engine ID string, an even number of hexadecimal characters, in the range

10 to 64. Its length must not be an odd number, and the all-zero and all-F strings are invalid.