R3721-F3210-F3171-HP High-End Firewalls System Management and Maintenance Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module

191

192

193

194

195

196

197

198

199

200

185

Default level

3: Manage level

Parameters

user-name: User name, a case-sensitive string of 1 to 32 characters.

group-name: Group name, a case-sensitive string of 1 to 32 characters.

cipher: Specifies that auth-password and priv-password are encrypted keys, which can be calculated by

using the snmp-agent calculate-password command.

authentication-mode: Specifies an authentication algorithm. MD5 is faster than SHA, while SHA

provides a higher security than MD5.

• md5: Specifies the MD5 authentication algorithm. For more information about MD5, see VPN

Configuration Guide.

• sha: Specifies the SHA-1 authentication protocol algorithm. For more information about SHA, see

VPN Configuration Guide.

auth-password: Authentication key. If the cipher keyword is not specified, auth-password represents a

plaintext key, a string of 1 to 64 visible characters. If the cipher keyword is specified, auth-password

represents an encrypted key. If the md5 keyword is specified, auth-password is a string of 32

hexadecimal characters. If the sha keyword is specified, auth-password is a string of 40 hexadecimal

characters.

privacy-mode: Specifies an encryption algorithm for privacy. The three encryption algorithms AES, 3DES,

and DES are in descending order in terms of security. Higher security means more complex

implementation mechanism and lower speed. DES is enough to meet general requirements.

• 3des: Specifies the 3DES algorithm. For more information about 3DES, see VPN Configuration

Guide.

• des56: Specifies the DES algorithm. For more information about DES, see VPN Configuration

Guide.

• aes128: Specifies the AES algorithm. For more information about AES, see VPN Configuration

Guide.

priv-password: The privacy key. If the cipher keyword is not specified, priv-password represents a

plaintext key, which is a string of 1 to 64 characters. If the cipher keyword is specified, priv-password

represents an encrypted key. If the md5 keyword is specified, priv-password is a string of 32 hexadecimal

characters. If the sha keyword is specified, priv-password is a string of 40 hexadecimal characters.

acl acl-number: Specifies a basic ACL to filter NMSs by source IPv4 address. The acl-number argument

represents a basic ACL number in the range of 2000 to 2999. Only the NMSs with the IPv4 addresses

permitted in the ACL can use the specified username to access the SNMP agent.

local: Represents a local SNMP entity user.

engineid engineid-string: Specifies an SNMP engine ID as a hexadecimal string. The engineid-string

argument must comprise an even number of hexadecimal characters, which ranges from 10 to 64.

All-zero and all-F strings are invalid.

Description

Use snmp-agent usm-user v3 to add an SNMPv3 user to an SNMP group.

Use undo snmp-agent usm-user v3 to delete an SNMPv3 user from an SNMP group.

This command is for SNMPv3. Create SNMPv3 users, if the agent and the NMS use SNMPv3 packets

to communicate with each other.