You specify SNMPv3 USM user and security information in the sysedgeV3.cf file using the SNMP_V3_USER_INFO keyword. All of the arguments for this keyword must be on one line and in the specified order separated by blank spaces.
To configure SNMPv3 user information, add the following line to the sysedgeV3.cf file:
SNMP_V3_USER_INFO *|access[addresses] userName securityModel securityLevel [authProtocol authPassword [privProtocol privPassword]]
Specifies read or write access. Value "read" or "write" is mandatory.
Specifies an IP filter to filter the requests originating from a specified IP address or a subnet. This field is not mandatory. If this is not specified, agent information is accessible to all of the hosts. For more information, see Address Filtering for SNMPv3 Users.
Specifies the name of the SNMPv3 secure user to which to allow access.
Specifies the SNMPv3 security model in use. The SystemEDGE agent currently only supports the User-based Security Model (USM). Only a value of 3 is supported.
The following values are supported for the supported levels of security:
Indicates that no authentication and no privacy (encryption) protocols are configured for use for this SNMPv3 user.
Indicates that an authentication protocol is configured and no privacy protocol is configured for this SNMPv3 user.
Indicates that an authentication and a privacy protocol is configured for use with this SNMPv3 user.
Specifies the authentication protocol to be used. Currently MD5 and SHA protocols are the only used. You should only specify this option if AuthPriv or AuthNoPriv security level is set.
Specifies the SNMPv3 user's authentication password (key) used by the authentication protocol. Specifying authPassword is required only if authProtocol (MD5 or SHA) is set.
Specifies the encryption (privacy) protocol used by the SNMPv3 user. DES, 3DES, and AES are the only protocols supported. If you specify an encryption protocol, you must specify authProtocol and authPassword also. If you specify privProtocol, AuthPriv is the only supported securityLevel.
Specifies the SNMPv3 user's encryption password (key) used by the encryption protocol. This parameter is required only if you set privProtocol.
You can assign read or write access to different security levels. For example, the security levels of No Authentication and No Privacy (noAuthNoPriv) can be equivalent to the public community string, while Authentication and Privacy (AuthPriv) can be equivalent to the admin community string.
Examples
Examples of valid SNMPv3 user definitions follow:
SNMP_V3_USER_INFO *|read joe1 3 AuthPriv MD5 apass AES ppass SNMP_V3_USER_INFO *|read joe2 3 AuthPriv SHA apass DES ppass SNMP_V3_USER_INFO *|write|192.168.29.0 joe3 3 AuthPriv SHA apass 3DES ppass SNMP_V3_USER_INFO *|write|100.10-255.100.101,e000-efff:f0ff:bef0:*,192.168.120.0,*:1 joe4 3 AuthNoPriv SHA evansar SNMP_V3_USER_INFO *|read joe5 3 noAuthNoPriv
|
Copyright © 2013 CA.
All rights reserved.
|
|