Home » HP Manuals » Repeaters & Transceivers » HP GbE2c » Manual Viewer

HP GbE2c HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Command Refere - Page 98

User Security Model configuration

UPC - 808736802215

Add to My Manuals
Save this manual to your list of manuals

Page 98 highlights

SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by supporting the following: • a new SNMP message format • security for messages • access control • remote configuration of SNMP parameters For more details on the SNMPv3 architecture please see RFC2271 to RFC2275. The following table describes the SNMPv3 Configuration Menu options. Table 85 SNMPv3 Configuration Menu options Command Description usm view access group comm taddr tparam notify v1v2 disable|enable cur Configures a user security model (USM) entry for an authorized user. You can also configure this entry through SNMP. The range is 1-16. Configures different MIB views. The range is 1-128. Configures access rights. The View-based Access Control Model defines a set of services that an application can use for checking access rights of the user. You need access control when you have to process retrieval or modification request from an SNMP entity. The range is 1-32. Configures an SNMP group. A group maps the user name to the access group names and their access rights needed to access SNMP management objects. A group defines the access rights assigned to all names that belong to a particular group. The range is 116. Configures a community table entry. The community table contains objects for mapping community strings and version-independent SNMP message parameters. The range is 1-16. Configures the destination address and user security levels for outgoing notifications. This is also called the transport endpoint. The range is 1-16. Configures SNMP parameters, consisting of message processing model, security model, security level, and security name information. There may be multiple transport endpoints associated with a particular set of SNMP parameters, or a particular transport endpoint may be associated with several sets of SNMP parameters. Configures a notification index. A notification application typically monitors a system for particular events or conditions, and generates Notification-Class messages based on these events or conditions. The range is 1-16. Enables or disables the access to SNMP version 1 and version 2. This command is enabled by default. Displays the current SNMPv3 configuration. User Security Model configuration Command: /cfg/sys/ssnmp/snmpv3/usm [SNMPv3 usmUser 1 Menu] name - Set USM user name auth - Set authentication protocol authpw - Set authentication password priv - Set privacy protocol privpw - Set privacy password del - Delete usmUser entry cur - Display current usmUser configuration You can make use of a defined set of user identities using this Security Model. An SNMP engine must have the knowledge of applicable attributes of a user. This menu helps you create a user security model entry for an authorized user. You need to provide a security name to create the USM entry. The following table describes the User Security Model Configuration Menu options. Configuration Menu 98

Section	Page
HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Command Reference Guide	1
Notice	2
Contents	3
Command line interface	9
Introduction	9
Additional references	9
Connecting to the switch	9
Establishing a console connection	9
Setting an IP address	10
Establishing a Telnet connection	10
Establishing an SSH connection	10
Accessing the switch	11
Idle timeout	12
Typographical conventions	13
Menu basics	14
Introduction	14
Main Menu	14
Menu summary	14
Global commands	15
Command line history and editing	16
Command line interface shortcuts	17
Command stacking	17
Command abbreviation	17
Tab completion	17
First-time configuration	18
Introduction	18
Configuring Simple Network Management Protocol support	18
Setting passwords	19
Changing the default administrator password	19
Changing the default user password	20
Changing the default operator password	21
Information Menu	22
Introduction	22
Menu overview	22
System Information Menu	23
SNMPv3 Information Menu	23
SNMPv3 USM User Table information	24
SNMPv3 View Table information	25
SNMPv3 Access Table information	25
SNMPv3 Group Table information	26
SNMPv3 Community Table information	26
SNMPv3 Target Address Table information	27
SNMPv3 Target Parameters Table information	27
SNMPv3 Notify Table information	28
SNMPv3 dump	29
System information	30
Show last 100 syslog messages	31
System user information	31
Layer 2 information	32
FDB information menu	33
Show all FDB information	34
Clearing entries from the forwarding database	34
Link Aggregation Control Protocol information	34
LACP dump	35
802.1x information	36
Spanning Tree information	37
Rapid Spanning Tree and Multiple Spanning Tree information	39
Common Internal Spanning Tree information	41
Trunk group information	42
VLAN information	43
Layer 2 general information	43
Layer 3 information	43
Route information	44
Show all IP Route information	45
ARP information	46
Show all ARP entry information	46
ARP address list information	46
OSPF information	47
OSPF general information	48
OSPF interface information	48
OSPF Database information menu	48
OSPF route codes information	50
Routing Information Protocol information	50
RIP Routes information	50
RIP user configuration	51
IP information	51
IGMP multicast group information	51
IGMP multicast router port information	52
VRRP information	52
QoS information	53
802.1p information	53
ACL information	54
RMON Information Menu	54
RMON history information	55
RMON alarm information	56
RMON event information	56
Link status information	57
Port information	58
Logical Port to GEA Port mapping	59
Uplink Failure Detection information	59
Information dump	60
Statistics Menu	61
Introduction	61
Menu information	61
Port Statistics Menu	62
802.1x statistics	63
Bridging statistics	64
Ethernet statistics	65
Interface statistics	67
Internet Protocol (IP) statistics	68
Link statistics	68
Port RMON statistics	69
Layer 2 statistics	70
FDB statistics	70
LACP statistics	71
Layer 3 statistics	71
GEA Layer 3 statistics menu	72
GEA Layer 3 statistics	72
IP statistics	72
Route statistics	73
ARP statistics	73
DNS statistics	74
ICMP statistics	74
TCP statistics	75
UDP statistics	76
IGMP Multicast Group statistics	77
OSPF statistics menu	77
OSPF global statistics	78
VRRP statistics	80
RIP statistics	81
Management Processor statistics	81
Packet statistics	81
TCP statistics	82
UDP statistics	83
CPU statistics	83
Access Control List (ACL) statistics menu	83
ACL statistics	83
SNMP statistics	84
NTP statistics	86
Uplink Failure Detection statistics	87
Statistics dump	87
Configuration Menu	88
Introduction	88
Menu information	88
Viewing, applying, reverting, and saving changes	89
Viewing pending changes	89
Applying pending changes	89
Reverting changes	89
Saving the configuration	89
Reminders	90
System configuration	90
System host log configuration	91
Secure Shell Server configuration	92
RADIUS server configuration	93
TACACS+ server configuration	94
NTP server configuration	96
System SNMP configuration	96
SNMPv3 configuration	97
User Security Model configuration	98
SNMPv3 View configuration	99
View-based Access Control Model configuration	100
SNMPv3 Group configuration	100
SNMPv3 Community Table configuration	101
SNMPv3 Target Address Table configuration	102
SNMPv3 Target Parameters Table configuration	102
SNMPv3 Notify Table configuration	103
System Access configuration	104
Management Networks configuration	104
User Access Control configuration	105
User ID configuration	105
HTTPS Access configuration	106
Port configuration	106
Temporarily disabling a port	108
Port link configuration	108
Port ACL/QoS configuration	109
Layer 2 configuration	109
802.1x configuration	109
802.1x Global configuration	110
802.1x Port configuration	111
Rapid Spanning Tree Protocol / Multiple Spanning Tree Protocol configuration	112
Common Internal Spanning Tree configuration	113
CIST bridge configuration	114
CIST port configuration	114
Spanning Tree configuration	115
Bridge Spanning Tree configuration	116
Spanning Tree port configuration	117
Forwarding Database configuration	118
Static FDB configuration	118
Trunk configuration	119
IP Trunk Hash configuration	120
Layer 2 IP Trunk Hash configuration	120
Link Aggregation Control Protocol configuration	120
LACP Port configuration	121
VLAN configuration	121
Layer 3 configuration	122
IP interface configuration	123
Default Gateway configuration	124
IP Static Route configuration	124
Address Resolution Protocol configuration	125
IP Forwarding configuration	125
Network Filter configuration	125
Route Map configuration	126
IP Access List configuration	127
Autonomous System Path configuration	127
Routing Information Protocol configuration	128
RIP Interface configuration	129
RIP Route Redistribution configuration	130
Open Shortest Path First configuration	130
OSFP Area Index configuration	131
OSPF Summary Range configuration	132
OSPF Interface configuration	133
OSPF Virtual Link configuration	134
OSPF Host Entry configuration	135
OSPF Route Redistribution configuration	135
OSPF MD5 Key configuration	136
IGMP configuration	136
IGMP snooping configuration	137
IGMP static multicast router configuration	138
IGMP filtering configuration	138
IGMP filter definition	139
IGMP filtering port configuration	139
Domain Name System configuration	140
Bootstrap Protocol Relay configuration	140
Virtual Router Redundancy Protocol configuration	141
VRRP Virtual Router configuration	141
VRRP Virtual Router Priority Tracking configuration	143
VRRP Virtual Router Group configuration	143
VRRP Virtual Router Group Priority Tracking configuration	144
VRRP Interface configuration	145
VRRP Tracking configuration	145
Quality of Service configuration	146
QoS 802.1p configuration	146
Access Control configuration	146
Access Control List configuration	147
ACL Ethernet Filter configuration	148
ACL IP Version 4 Filter configuration	148
ACL TCP/UDP Filter configuration	149
ACL Meter configuration	150
ACL Re-mark configuration	150
ACL Re-mark In-Profile configuration	151
ACL Re-mark In-Profile Update User Priority configuration	151
ACL Re-mark Out-of-Profile configuration	151
ACL Packet Format configuration	152
ACL Group configuration	152
Remote Monitoring configuration	152
RMON history configuration	153
RMON event configuration	154
RMON alarm configuration	154
Port mirroring	155
Port-based port mirroring	156
Uplink Failure Detection configuration	156
Failure Detection Pair configuration	157
Link to Monitor configuration	157
Link to Disable configuration	158
Dump	158
Saving the active switch configuration	158
Restoring the active switch configuration	159
Operations Menu	160
Introduction	160
Menu information	160
Operations-level port options	160
Operations-level port 802.1x options	161
Operations-level VRRP options	161
Boot Options Menu	162
Introduction	162
Menu information	162
Updating the switch software image	162
Downloading new software to the switch	162
Selecting a software image to run	163
Uploading a software image from the switch	164
Selecting a configuration block	164
Resetting the switch	165
Accessing the ISCLI	165
Maintenance Menu	166
Introduction	166
Menu information	166
System maintenance options	167
Forwarding Database options	167
Debugging options	168
ARP cache options	168
IP Route Manipulation options	169
IGMP Multicast Group options	169
IGMP Snooping options	170
IGMP Mrouter options	170
Uuencode flash dump	171
FTP/TFTP system dump put	171
Clearing dump information	171
Panic command	172
Unscheduled system dumps	172

Match case Limit results 1 per page

Configuration Menu 98

SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by

supporting the following:

•

a new SNMP message format

•

security for messages

•

access control

•

remote configuration of SNMP parameters

For more details on the SNMPv3 architecture please see RFC2271 to RFC2275.

The following table describes the SNMPv3 Configuration Menu options.

Table 85

SNMPv3 Configuration Menu options

Command

Description

usm <

1-16

Configures a user security model (USM) entry for an authorized user. You can also

configure this entry through SNMP. The range is 1-16.

view <

1-128>

Configures different MIB views. The range is 1-128.

access <

1-32

Configures access rights. The View-based Access Control Model defines a set of services

that an application can use for checking access rights of the user. You need access

control when you have to process retrieval or modification request from an SNMP entity.

The range is 1-32.

group <

1-16

Configures an SNMP group. A group maps the user name to the access group names

and their access rights needed to access SNMP management objects. A group defines

the access rights assigned to all names that belong to a particular group. The range is 1-

16.

comm <

1-16

Configures a community table entry. The community table contains objects for mapping

community strings and version-independent SNMP message parameters.

The range is 1-16.

taddr <

1-16

Configures the destination address and user security levels for outgoing notifications. This

is also called the transport endpoint. The range is 1-16.

tparam <

1-16

Configures SNMP parameters, consisting of message processing model, security model,

security level, and security name information. There may be multiple transport endpoints

associated with a particular set of SNMP parameters, or a particular transport endpoint

may be associated with several sets of SNMP parameters.

notify <

1-16

Configures a notification index. A notification application typically monitors a system for

particular events or conditions, and generates Notification-Class messages based on

these events or conditions. The range is 1-16.

v1v2 disable|enable

Enables or disables the access to SNMP version 1 and version 2. This command is

enabled by default.

cur

Displays the current SNMPv3 configuration.

User Security Model configuration

Command:

/cfg/sys/ssnmp/snmpv3/usm

[SNMPv3 usmUser 1

Menu]

name

- Set USM user name

auth

- Set authentication protocol

authpw

- Set authentication password

priv

- Set privacy protocol

privpw

- Set privacy password

del

- Delete usmUser entry

cur

- Display current usmUser configuration

You can make use of a defined set of user identities using this Security Model. An SNMP engine must have the

knowledge of applicable attributes of a user.

This menu helps you create a user security model entry for an authorized user. You need to provide a security name

to create the USM entry.

The following table describes the User Security Model Configuration Menu options.