SNMP Overview 77
“Corporation code of 3Com Corporation. (800007DB) + Equipment information”.
Equipment information can be the IP address, MAC address or self-defined
hexadecimal digit string.
You can skip these two operations when you begin to configure SNMP for a router
because SNMP service will be enabled once you configure any related SNMP
commands (except for the
display commands). It is equivalent to configuring the
snmp-agent command. Furthermore, the default engine ID can generally ensure
the uniqueness of the router on the network.
2 Configure SNMP version and related tasks
The 3Com Router series support SNMPv1, SNMPv2c and SNMPv3.
SNMPv1 and SNMPv2c adopt a community name for authentication, and the
SNMP packets that are not compliant with the community name authorized by the
equipment will be discarded. Different groups can have either the read-only or
read-write access authority. A group with the read-only authority can only query
equipment information, whereas a group with read-write authority can configure
the equipment. The authorities are specified by MIB views.
Security defined in SNMPv3 is user-based hence an SNMP user inherits the
authority of the SNMP group to which it belongs. Different NMS have different
access authority. An SNMP group can have read-only, read-write or notifying
authority. The authorities of the SNMP group are also determined by MIB views.
Perform the following configurations in system view.
Table 58 Configure SNMP version and related tasks
Operation Command
Select an SNMP version for NMS snmp-agent sys-info version { v1 | v2c |
v3 | all }
Define the SNMP version(s) that
NMS are not permitted to use
undo snmp-agent sys-info version { v1 |
v2c | v3 | all }
Create or update view
information
snmp-agent mib-view { included | excluded
} viewname subtree subtree
Delete a view undo snmp-agent mib-view view-name
Set name and access authority
for a community
snmp-agent community { read | write }
community_name [ mib-view view-name ] [
acl number ]
Remove the previous community
name
undo snmp-agent community community_name
Set an SNMP group snmp-server group { v1 groupname | v2c
groupname | v3 groupname { authentication
| noauthentication | privacy } } [
read-view readview ] [ write-view
writeview ] [ notify-view notifyview ]
[acl number ]
Delete an SNMP group undo snmp-agent group { v1 groupname | v2c
groupname | v3 groupname { authentication
| noauthentication | privacy } }
Add a new user to an SNMP
group and specify the SNMP
version as well as the
authentication/encryption mode
snmp-agent usm-user { v1 username
groupname | v2c username groupname | v3
username groupname [ authentication-mod {
md5 | sha } auth-password [ privacy-mod
des56 priv-password ] ] } [ acl number ]