Users Guide

Table Of Contents
Command Mode CONFIGURATION
Usage
Information
The local engine ID generates the localized keys for the authentication and privilege passwords. These
passwords authenticate SNMP users and encrypt SNMP messages. If you reconfigure the local Engine ID,
the localized keys also change. The existing values are no longer valid, and a warning message displays. As
a result, you must reconfigure SNMP users with new localized password keys.
In addition, if you change the configured engine ID for a remote device, you must reconfigure the
authentication and privacy passwords for the remote user.
To display the current local engine ID, use the show snmp engineID local command.
Supported on the MX9116n and MX5108n switches in Full Switch mode starting in release 10.4.2.0. Also
supported in SmartFabric mode starting in release 10.5.0.1.
The no version of this command resets the default engine ID values.
Example
OS10(config)# snmp-server engineID local 80:00:02:b8:04:61:62:63
OS10(config)# snmp-server engineID local 80:00:02:b8:04:61:62:63
% Warning: Localized passwords need to be regenerated for local user.
OS10(config)# snmp-server engineID remote 1.1.1.1 0xaaffcc
OS10(config)# snmp-server engineID remote 1.1.1.2 udp-port 432 0xabeecc
Supported
Releases
10.4.2.0 or later
snmp-server group
Configures the views allowed for the users in an SNMP group.
Syntax
snmp-server group group-name {v1 | v2c | v3 security-level} [access acl-
name] [read view-name] [write view-name] [notify view-name]
Parameters
group-name Enter the name of the group. A maximum of 32 alphanumeric characters.
v1 SNMPv1 provides no user authentication or privacy protection. SNMP messages are sent in
plain text.
v2c SNMPv2c provides no user authentication or privacy protection. SNMP messages are sent in
plain text.
v3 security-level SNMPv3 provides optional user authentication and encryption for SNMP
messages, configured with the snmp-server user command.
security-level (SNMPv3 only) Configure the security level for SNMPv3 users:
auth Authenticate users in SNMP messages.
noauth Do not authenticate users or encrypt SNMP messages; send messages in plain text.
priv Authenticate users and encrypt/decrypt SNMP messages.
access acl-name (Optional) Enter the name of an IPv4 or IPv6 access list to filter SNMP
requests received on the switch. A maximum of 16 characters.
read view-name (Optional) Enter the name of a read-only view. A maximum of 32 characters
maximum.
write view-name (Optional) Enter the name of a read-write view. A maximum of 32 characters
maximum.
notify view-name (Optional) Enter the name of a notification view. A maximum of 32
characters maximum.
Defaults Not configured
Command Mode CONFIGURATION
Usage
Information
Use this command to set up the access privileges for a group of SNMP users. Configure the security level
for receiving SNMP messages. Specify read-only, read-write, and/or notification access to the SNMP
agent. To configure an SNMPv3 user's authentication and privacy settings, use the snmp-server
user command.
162 System management