HP 6125G HP 6125G & 6125G/XG Blade Switches Network Management and Mon - Page 90
usm-user v3, snmp-agent usm-user
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 90 highlights
acl ipv6 ipv6-acl-number: Specifies a basic ACL to filter NMSs by source IPv6 address. The ipv6-acl-number argument represents a basic ACL number in the range of 2000 to 2999. Only the NMSs with the IPv6 addresses permitted in the ACL can use the specified username to access the SNMP agent. local: Represents a local SNMP entity user. engineid engineid-string: Specifies the SNMP engine ID as a hexadecimal string. The engineid-string argument must comprise an even number of hexadecimal characters, in the range of 10 to 64. All-zero and all-F strings are invalid. Description Use snmp-agent usm-user v3 to create an SNMPv3 user in an SNMP group. Use undo snmp-agent usm-user v3 to delete an SNMPv3 user from an SNMP group. You must create an SNMPv3 user for the agent and the NMS to use SNMPv3. You must create an SNMP group before you assign an SNMP user to the group. Otherwise, the user cannot take effect after it is created. An SNMP group can contain multiple users. It defines SNMP objects accessible to the group of users in the MIB view and specifies whether to enable authentication and privacy functions. The authentication and encryption algorithms are defined when a user is created. You can use the snmp-agent calculate-password command to obtain a hexadecimal ciphertext string for the pri-password argument in the snmp-agent usm-user v3 cipher command. To make the calculated cipher text password applicable to the snmp-agent usm-user v3 cipher command, make sure the same privacy protocol is specified for the two commands and the local engine ID specified in the snmp-agent usm-user v3 cipher command is consistent with the SNMP entity engine ID specified in the snmp-agent calculate-password command. When you execute this command repeatedly to configure the same user (the usernames are the same, no limitation to other keywords and arguments), the last configuration takes effect. For secrecy, both plaintext and ciphertext keys are saved in cipher text. Remember the username and the plaintext password when you create a user. A plaintext password is required when the NMS accesses the SNMP agent. Related commands: snmp-agent calculate-password, snmp-agent group, and snmp-agent usm-user { v1 | v2c }. Examples # Add the user testUser to the SNMPv3 group testGroup. Configure the security model as authentication without privacy, the authentication algorithm as MD5, and the plain-text key as authkey. system-view [Sysname] snmp-agent group v3 testGroup authentication [Sysname] snmp-agent usm-user v3 testUser testGroup authentication-mode md5 authkey • Set the SNMP version on the NMS to SNMPv3. • Fill in the username testUser. • Set the authentication algorithm to MD5. • Set the authentication encrypted key to authkey. • Establish a connection, and the NMS can access the MIB objects in the default view (ViewDefault) on the device. # Add the user testUser to the SNMPv3 group testGroup. Configure the security model as authentication and privacy, the authentication algorithm as MD5, the privacy algorithm as DES56, the plain-text authentication key as authkey, and the plain-text privacy key as prikey. 84