Summary:
Basic Configuration for SNMPv3 on EX Switches
Symptoms:
Solution:
Simple Network Management Protocol Version 3 (SNMPv3) is an interoperable standards-based protocol for network management. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. The security features provided in SNMPv3 are:
•Message integrity—Ensuring that a packet has not been tampered with in-transit.
•Authentication—Determining the message is from a valid source.
•Encryption—Scrambling the contents of a packet prevent it from being seen by an unauthorized source.
SNMPv3 provides for both security models and security levels. A security model is an authentication strategy that is set up for a user and the group in which the user resides. A security level is the permitted level of security within a security model. A combination of a security model and a security level will determine which security mechanism is employed when handling an SNMP packet. Three security models are available: SNMPv1, SNMPv2c, and SNMPv3.
Enabling SNMPv3 Get, GetNext, and Set Operations
set snmp v3 usm local-engine user testjnpr authentication-md5 authentication-key <authentication-key>
set snmp v3 usm local-engine user testjnpr privacy-des privacy-password <privacy-password>
set snmp v3 vacm security-to-group security-model usm security-name testjnpr group grpjnpr
set snmp v3 vacm access group grpjnpr default-context-prefix security-model any security-level authentication read-view all
set snmp v3 vacm access group grpjnpr default-context-prefix security-model any security-level authentication write-view all
set snmp view all oid .1