Filter
Top Products
156 Brocade ICX 6650 Administration Guide
53-1002600-01
SNMP community strings
6
• “SNMP version 3 traps”
• “Displaying SNMP Information”
• “SNMP v3 configuration examples”
Restricting SNMP access using ACL, VLAN, or a specific IP address constitute the first level of
defense when the packet arrives at a Brocade device. The next level uses one of the following
methods:
• Community string match In SNMP versions 1 and 2
• User-based model in SNMP version 3
SNMP views are incorporated in community strings and the user-based model.
SNMP community strings
SNMP versions 1 and 2 use community strings to restrict SNMP access. You can configure as many
additional read-only and read-write community strings as you need. The number of strings you can
configure depends on the memory on the device. There is no practical limit.
NOTE
If you delete the startup-config file, the device automatically re-adds the default “public” read-only
community string the next time you load the software.
Encryption of SNMP community strings
The software automatically encrypts SNMP community strings. Users with read-only access or who
do not have access to management functions in the CLI cannot display the strings.
Encryption is enabled by default. You can disable encryption for individual strings or trap receivers
if desired. Refer to the next section for information about encryption.
Adding an SNMP community string
The default SNMP community name (string) on a device is “public” with read only privilege.
You can assign other SNMP community strings, and indicate if the string is encrypted or clear. By
default, the string is encrypted.
To add an encrypted community string, enter commands such as the following.
Brocade(config)#snmp-server community private rw
Brocade(config)#write memory
Syntax: snmp-server community [0 | 1] <string>
ro | rw [view <viewname>] [<standard-ACL-name> | <standard-ACL-id>]
The <string> parameter specifies the community string name. The string can be up to 32
characters long.
The ro | rw parameter specifies whether the string is read-only (ro) or read-write (rw).