Configuring SNMP Network Management
Summary: Networking › Switching › Edge › Synapse
Overview of SNMP Network Management
SNMP is the abbreviation of Simple Network Management Protocol, which became a network management standard RFC1157 in August 1988.Up to now, due to the support of this protocol by many manufacturers, SNMP has become the de facto network management standard and is suitable for use in the interconnected environment of multi-manufacturer systems. Using the SNMP protocol, network administrators can perform information query, network configuration, fault location, and capacity planning for nodes on the network. Network monitoring and management are the basic functions of SNMP. Currently the following versions of SNMP exist: SNMPv1: The first official version of the Simple Network Management Protocol, defined in RFC1157. SNMPv2C: Community-Based SNMPv2 Management Architecture, defined in RFC1901. SNMPv3: By authenticating and encrypting data, it provides the following security features:
- Make sure that data is not tampered with during transmission.
- Make sure the data is sent from a legitimate data source.
- Encrypt messages to ensure data confidentiality.
Configuring
- Configuring Communication Community Words
SWITCH( config)# snmp-server community COMMUNITY { ro | }SWITCH( config)# no snmp -server community COMMUNITYConfigure/delete SNMP communication community word. ro : read-only identifier, configure the community word as a community word with only read permission; the default configuration is a community word with both read and write permissions. Supports configuring multiple community characters at the same time.
SWITCH( config)# snmp -server view NAME {include | exclude} OIDSWITCH( config)# no snmp -server view nameConfigure/delete SNMPv3 views; Supports configuring multiple views at the same time, and supports configuring multiple rules for a single view;
The system has all and none views by default and cannot be modified
- Configuring SNMP Groups
SWITCH( config)# snmp -server group NAME {v3 | } { noAuthNoPriv | authNoPriv | authPriv } read RVIEW write WVIEWSWITCH( config)# snmp -server group NAME {v1 | v2c} read RVIEW write WVIEWSWITCH( config)# no snmp -server group nameconfigure/delete SNMP groups; Support to configure multiple groups at the same time; create group information in order to be compatible with the old configuration when configuring the community , usually without additional attention
SWITCH( config)# snmp -server user NAME group GROUPNAME auth {md5 | sha} {AUTHPASS} priv { aes | des} PRIVPASSSWITCH( config)# no snmp -server user nameconfigure/delete SNMP users; Support to configure multiple users at the same time;
SWITCH( config)# snmp -server host IPADDR {informs | traps} {v3 |} { noAuthNoPriv | authNoPriv | authPriv } user NAMESWITCH( config)# snmp -server host IPADDR {informs | traps} {v1 | v2c} community NAMESWITCH( config)# no snmp -server hostname _configure/delete SNMP server; Support to configure multiple servers at the same time;
Examples
Requirements: The IP address of the SNMP network management server is 2.2.2.2, and the read-write communication group word is unified as public.
- Enter the global configuration mode configuration:
SWITCH#SWITCH#configure terminalEnter configuration commands, one per line. End with CNTL/Z.
SWITCH( config)#snmp-server community publicSWITCH( config)#snmp-server 2.2.2.2 community publicSWITCH( config)#Case requirements: The IP address of the SNMP network management server is 2.2.2.2, SNMPv3 is used, the user test password is 12345678, the encryption key is 87654321; the authentication algorithm MD5, the encryption algorithm DES
SWITCH#SWITCH#configure terminalEnter configuration commands, one per line. End with CNTL/Z.
SWITCH( config)# snmp -server group test v3 authPriv read all write allSWITCH( config)# snmp -server user test group test auth MD5 12345678 priv DES 87654321SWITCH( config)# snmp -server host 2.2.2.2 informs v3 authPriv user test