- Published on
SNMP v3 in Cisco IOS Devices
- Authors
- Name
- Jimmy Lai
The `Simple Network Management Protocol (SNMP) is an application layer protocol that collects and organizes device information in an IP network. SNMP pulling from the device is enabled on port 161. In addition, 162 must be open in order to send a trap from the device to the SNMP server.
- SNMP TRAP AND V2C
- RUN TEST - SHOW SNMP
- SNMP v3 in Cisco
- NOAUTHNOPRIV
- AUTHNOPRIV
- How to configure SNMPv3 in Cisco Nexus Devices
SNMP TRAP AND V2C
The snmp-server enable traps* command activates traps for all notifications. If you want, you can enable trap for a specific incident based on your needs.
snmp-server host 192.168.2.181 version 2c cisco
snmp-server community cisco RO
snmp-server enable traps
RUN TEST - SHOW SNMP
First, execute show snmp
from the device.
archie@lenovo (git)-[main] % snmpwalk -v2c -c cisco 1.2.1.2
SNMPv2-MIB::sysDescr.0 = STRING: Cisco IOS Software, Linux Software (I86BI_LINUX-ADVENTERPRISEK9-M), Version 15.5(2)T, DEVELOPMENT TEST SOFTWARE
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Thu 26-Mar-15 07:36 by prod_rel+
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.1
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (886297) 2:27:42.97
SNMPv2-MIB::sysContact.0 = STRING:
SNMP v3 in Cisco
SNMPv3 supports 3 modes
-l LEVEL set security level (noAuthNoPriv|authNoPriv|authPriv)
NOAUTHNOPRIV
This mode has no authentication
and no encryption
services.
snmp-server view VIEW mib-2 included
snmp-server group GROUP v3 noauth read VIEW
snmp-server user USER GROUP v3
snmpwalk -v3 -l authPriv -u USER -a sha -A 'cisco' -x AES128 -X 'cisco' r1
AUTHNOPRIV
In this mode, authentication will be there, but no encryption services.
snmp-server view OUR-MIB-VIEW mib-2 included
snmp-server group OUR-SNMP-GROUP v3 auth read OUR-MIB-VIEW
snmp-server user SNMPuser OUR-SNMP-GROUP v3 auth md5 cisco_AUTH
In this mode, authentication and encryption services will be there.
snmp-server view OUR-MIB-VIEW mib-2 included
snmp-server group OUR-SNMP-GROUP v3 auth read OUR-MIB-VIEW
snmp-server user SNMPuser OUR-SNMP-GROUP v3 auth md5 cisco_AUTH priv 3des cisco_PRIV
How to configure SNMPv3 in Cisco Nexus Devices
To configure the snmp v3
, we only need to run below command.
snmp-server user SNMPuser auth sha cisco12345 priv aes-128 cisco12345