HP 6125XLG R2306-HP 6125XLG Blade Switch Network Management and Monitoring Com - Page 95
snmp-agent community, snmp-agent usm-user { v1 | v2c }, public, private, readaccess, ViewDefault
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 95 highlights
acl acl-number: Specifies a basic IPv4 ACL to filter NMSs by source IPv4 address. The acl-number argument represents an ACL number in the range of 2000 to 2999. In the specified community, only NMSs with an IP address permitted in the ACL can access the SNMP agent. If no ACL is specified, the specified ACL does not exist, or the specified ACL does not have any rules, any NMS in the SNMP community can access the SNMP agent. For more information about ACLs, see ACL and QoS Configuration Guide. acl ipv6 ipv6-acl-number: Specifies a basic IPv6 ACL to filter NMSs by source IPv6 address. The ipv6-acl-number argument represents an ACL number in the range of 2000 to 2999. In the specified community, only NMSs with an IPv6 address permitted in the IPv6 ACL can access the SNMP agent. If no ACL is specified, the specified ACL does not exist, or the specified ACL does not have any rules, all NMSs in the SNMP community can access the SNMP agent. Usage guidelines This command is for SNMPv1 and SNMPv2c, and is supported only in non-FIPS mode. You can create up to 10 SNMP communities by using the snmp-agent community command. To create more SNMP communities, use the snmp-agent usm-user { v1 | v2c } command. An SNMPv1 or SNMPv2c community comprises a set of NMSs and SNMP agents, and is identified by a community name. An NMS and an SNMP agent must use the same community name to authenticate to each other. Typically, public is used as the read-only community name and private is used as the read and write community name. To improve security, assign your SNMP communities a name other than public and private. Examples # Create the read-only community readaccess so an NMS can use the protocol SNMPv1 or SNMPv2c and community name readaccess to read the MIB objects in the default view ViewDefault. system-view [Sysname] snmp-agent sys-info version v1 v2c [Sysname] snmp-agent community read readaccess # Create the read and write community writeaccess so only the NMS at 1.1.1.1 can use the protocol SNMPv2c and community name writeaccess to read or set the MIB objects in the default view ViewDefault. system-view [Sysname] acl number 2001 [Sysname-acl-basic-2001] rule permit source 1.1.1.1 0.0.0.0 [Sysname-acl-basic-2001] rule deny source any [Sysname-acl-basic-2001] quit [Sysname] snmp-agent sys-info version v2c [Sysname] snmp-agent community write writeaccess acl 2001 # Create the read and write community wr-sys-acc so an NMS can use the protocol SNMPv1 or SNMPv2c, community name wr-sys-acc to read or set the MIB objects in the system subtree (OID 1.3.6.1.2.1.1). system-view [Sysname] snmp-agent sys-info version v1 v2c [Sysname] undo snmp-agent mib-view ViewDefault [Sysname] snmp-agent mib-view included test system [Sysname] snmp-agent community write wr-sys-acc mib-view test 93