Filter
Top Products
Technical Configuration Guide for SNMP v2.0 December 2006
______________________________________________________________________________________________________
NORTEL External Distribution
25
6.4 Assigning the USM Group Access Level
The next step is to assign the access level to the USM Group. One of the following three USM
access levels must be configured:
• NoAuthNoPriv-Communication without authentication and privacy
• AuthNoPriv-Communication with authentication (MD5 or SHA) and without privacy
• AuthPriv-Communication with authentication (MD5 or SHA) and privacy (DES or AES in
release 4.1)
The ERS 8600 has a number of default groups, with one default USM group named ‘initial’. The
default groups can be examined by typing in the following command:
• ERS-8610:5# config snmp-v3 group-access info
================================================================================
VACM Group Access Configuration
================================================================================
Group Prefix Model Level ReadV WriteV NotifyV
--------------------------------------------------------------------------------
Group Prefix Model Level ReadV WriteV NotifyV
--------------------------------------------------------------------------------
initial usm noAuthNoPriv root root root
initial usm authPriv root root root
readgrp snmpv1 noAuthNoPriv v1v2only org
readgrp snmpv2c noAuthNoPriv v1v2only org
v1v2grp snmpv1 noAuthNoPriv v1v2only v1v2only v1v2only
v1v2grp snmpv2c noAuthNoPriv v1v2only v1v2only v1v2only
sBladeGrp snmpv1 noAuthNoPriv sBladeView sBladeView sBladeView
sBladeGrp snmpv2c noAuthNoPriv sBladeView sBladeView sBladeView
OpsQosPolicyUser usm noAuthNoPriv org org org
9 out of 9 Total entries displayed------------------------------------------------
The default USM level, named ‘initial’, has both authentication and encryption (authPriv) with full
read-write views. You can use this group for initial SNMPv3 access to the ERS 8600. The name
of the read-write view starts at ‘org’ – please see next step in regards to setting up the MIB view.
To set the SNMP USM security level, type in the following command:
• ERS-8610:5# config snmp-v3 group-access create [group name <0-32>] [prefix <0-
32>] usm [noAuthNoPriv|authNoPriv|authPriv]
Example: the following will add USM security level of ‘authPriv’ to the USM group named
‘group_example’:
• ERS-8610:5# config snmp-v3 group-access create group_example "" usm authPriv
NOTE: The prefix entered above is entered using double quotes. If you wish, you can define the
‘exact’ context match that should be matched against the context of the incoming PDU; i.e. exact
prefix match of read or write. There is no read or write view associated with the group yet. This
will be defined in the next step.