HP 6125G HP 6125G & 6125G/XG Blade Switches Network Management and Mon - Page 74

snmp-agent group, Examples, Syntax, Default level

Page 74 highlights

To make sure the MIB objects are accessible only to a specific NMS, use a basic ACL to identify the source IP address of the NMS. To set the range of the MIB objects available for the community, use a MIB view. Related commands: snmp-agent mib-view. Examples # Create the read-only community readaccess so an NMS can use the protocol SNMPv1 or SNMPv2c and community name readaccess to read the MIB objects in the default view ViewDefault. system-view [Sysname] snmp-agent sys-info version v1 v2c [Sysname] snmp-agent community read readaccess # Create the read and write community writeaccess so only the host at 1.1.1.1 can use the protocol SNMPv2c and community name writeaccess to read and set the MIB objects in the default view ViewDefault. system-view [Sysname] acl number 2001 [Sysname-acl-basic-2001] rule permit source 1.1.1.1 0.0.0.0 [Sysname-acl-basic-2001] rule deny source any [Sysname-acl-basic-2001] quit [Sysname] snmp-agent sys-info version v2c [Sysname] snmp-agent community write writeaccess acl 2001 # Create the read and write community wr-sys-acc so an NMS can use the protocol SNMPv1 or SNMPv2c, community name wr-sys-acc to read and set the MIB objects in the system subtree (OID 1.3.6.1.2.1.1). system-view [Sysname] snmp-agent sys-info version v1 v2c [Sysname] undo snmp-agent mib-view ViewDefault [Sysname] snmp-agent mib-view included test system [Sysname] snmp-agent community write wr-sys-acc mib-view test snmp-agent group Syntax SNMPv1 and SNMP v2c: snmp-agent group { v1 | v2c } group-name [ read-view view-name ] [ write-view view-name ] [ notify-view view-name ] [ acl acl-number | acl ipv6 ipv6-acl-number ] * undo snmp-agent group { v1 | v2c } group-name SNMPv3: snmp-agent group v3 group-name [ authentication | privacy ] [ read-view view-name ] [ write-view view-name ] [ notify-view view-name ] [ acl acl-number | acl ipv6 ipv6-acl-number ] * View undo snmp-agent group v3 group-name [ authentication | privacy ] System view Default level 3: Manage level 68

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196

68
To make sure the MIB objects are accessible only to a specific NMS, use a basic ACL to identify the
source IP address of the NMS. To set the range of the MIB objects available for the community, use a MIB
view.
Related commands:
snmp-agent mib-view
.
Examples
# Create the read-only community
readaccess
so an NMS can use the protocol SNMPv1 or SNMPv2c
and community name
readaccess
to read the MIB objects in the default view
ViewDefault
.
<Sysname> system-view
[Sysname] snmp-agent sys-info version v1 v2c
[Sysname] snmp-agent community read readaccess
# Create the read and write community
writeaccess
so only the host at 1.1.1.1 can use the protocol
SNMPv2c and community name
writeaccess
to read and set the MIB objects in the default view
ViewDefault
.
<Sysname> system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 1.1.1.1 0.0.0.0
[Sysname-acl-basic-2001] rule deny source any
[Sysname-acl-basic-2001] quit
[Sysname] snmp-agent sys-info version v2c
[Sysname] snmp-agent community write writeaccess acl 2001
# Create the read and write community
wr-sys-acc
so an NMS can use the protocol SNMPv1 or
SNMPv2c, community name
wr-sys-acc
to read and set the MIB objects in the system subtree (OID
1.3.6.1.2.1.1).
<Sysname> system-view
[Sysname] snmp-agent sys-info version v1 v2c
[Sysname] undo snmp-agent mib-view ViewDefault
[Sysname] snmp-agent mib-view included test system
[Sysname] snmp-agent community write wr-sys-acc mib-view test
snmp-agent group
Syntax
SNMPv1 and SNMP v2c:
snmp-agent group
{
v1
|
v2c
}
group-name
[
read-view
view
-
name
] [
write-view
view
-
name
]
[
notify-view
view
-
name
] [
acl
acl-number
|
acl ipv6
ipv6-acl-number
] *
undo
snmp-agent group
{
v1
|
v2c
}
group-name
SNMPv3:
snmp-agent group v3
group-name
[
authentication
|
privacy
] [
read-view
view
-
name
] [
write-view
view
-
name
] [
notify-view
view
-
name
] [
acl
acl-number
|
acl ipv6
ipv6-acl-number
] *
undo
snmp-agent group
v3
group-name
[
authentication
|
privacy
]
View
System view
Default level
3: Manage level