Enabling SNMPv3

Problem

You want to enable SNMPv3 on your router for security purposes.

Solution

SNMPv3 supports three modes of operation, each with different security features. These modes are summarized in Table 17-1. The following configuration commands enable SNMPv3 with no authentication and no encryption services (noAuthNoPriv):

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#snmp-server view TESTV3 mib-2 include
Router(config)#snmp-server group NOTSAFE v3 noauth read TESTV3
Router(config)#snmp-server user WEAK NOTSAFE v3
Router(config)#end
Router#

Use the following configuration commands to enable SNMPv3 with MD5 authentication and no encryption services (authNoPriv):

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#snmp-server view TESTV3 mib-2 include
Router(config)#snmp-server group ORAROV3 v3 auth read TESTV3
Router(config)#snmp-server user cking ORAROV3 v3 auth md5 daytona19y 
Router(config)#end
Router#

And you can enable SNMPv3 with MD5 authentication and DES encryption services (authPriv) as follows:

Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#snmp-server view TESTV3 mib-2 include
Router(config)#snmp-server group ORAROV3 v3 auth read TESTV3
Router(config)#snmp-server user bpugsley ORAROV3 v3 auth md5 hockeyrules priv des56 shortguy
Router(config)#end
Router#

Discussion

At the time of writing this book, the IETF had ...

Get Cisco IOS Cookbook, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cisco IOS Cookbook, 2nd Edition by Kevin Dooley, Ian Brown

Enabling SNMPv3

Problem

Solution

Discussion

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly