Configuring Remote SNMPv3 Users
Each SNMPv3 user is defined by a unique name. Users must be configured with a
specific security level and assigned to a group. The SNMPv3 group restricts users to
a specific read and a write view.
To send inform messages to an SNMPv3 user on a remote device, you must first
specify the engine identifier for the SNMP agent on the remote device where the
user resides. The remote engine ID is used to compute the security digest for
authenticating and encrypting packets sent to a user on the remote host. (See
“Specifying Trap Managers and Trap Types” on page 5-4 and “Specifying a Remote
Engine ID” on page 5-8.)
Command Attributes
• User Name – The name of user connecting to the SNMP agent. (Range: 1-32
characters)
• Group Name – The name of the SNMP group to which the user is assigned.
(Range: 1-32 characters)
•
Engine ID
– The engine identifier for the SNMP agent on the remote device where
the remote user resides. Note that the remote engine identifier must be specified
before you configure a remote user. (See “Specifying a Remote Engine ID” on
page 5-8.)
• Remote IP – The Internet address of the remote device where the user resides.
• Security Model – The user security model; SNMP v1, v2c or v3. (Default: v1)
• Security Level – The security level used for the user:
- noAuthNoPriv – There is no authentication or encryption used in SNMP
communications. (This is the default for SNMPv3.)
- AuthNoPriv – SNMP communications use authentication, but the data is not
encrypted (only available for the SNMPv3 security model).
- AuthPriv – SNMP communications use both authentication and encryption (only
available for the SNMPv3 security model).
• Authentication Protocol – The method used for user authentication. (Options:
MD5, SHA; Default: MD5)
• Authentication Password – A minimum of eight plain text characters is required.
•
Privacy
Protocol
– The encryption algorithm use for data privacy; only 56-bit DES
is currently available.
• Privacy Password – A minimum of eight plain text characters is required.
5-11
Configuring SNMPv3 Management Access
5