Configuring Access Control for Communities

Use the following configuration statements to configure community strings for traditional access control:

snmp community community {
authorization (read-only|read-write);
clients clients;
oid oid;
}

To configure community strings:

  1. From configuration mode, access the configuration statement that configures the community string. Community names must be unique.
      [edit]
      user@host# edit snmp community community
  2. (Optional) Specify the authorization level.

    To specify read-only access:

      [edit snmp community community]
      user@host# set authorization read-only

    To specify read and write access:

      [edit snmp community community]
      user@host# set authorization read-write
  3. Specify the IP address or subnet of the SNMP client hosts that are authorized to use this community.
      [edit snmp community community]
      user@host# set clients clients

    By default, all clients are allowed.

  4. (Optional) Specify the object identifier used to represent a subtree of MIB object to which access is allowed.
      [edit snmp community community]
      user@host# set oid oid
  5. (Optional) Verify your configuration. 
    [edit snmp community community]
user@host# show

    

    6.