Defining Access Privileges for an SNMP Group
Use the following configuration statements to define access privileges for SNMP groups:
- snmp v3 vacm access group group-name ...
- snmp v3 vacm access group group-name default-context-prefix security-model (any|v1|v2c|usm) ...
- snmp v3 vacm access group group-name default-context-prefix security-model (any|v1|v2c|usm) security-level
(authentication|none|privacy) {
- read-view read-view;
- write-view write-view;
- }
To configure MIB views with a group for the VACM:
- From configuration mode, access the configuration statement
that configures the VACM group.
The group name is the name for a collection of SNMP security names that belong to the same SNMP access policy.
- Specify the security model for access privileges.
- [edit snmp v3 vacm access group group-name]
- user@host# set default-context-prefix security-model (any|v1|v2c|usm)
To specify any security model:
To specify the SNMPv1 security model:
To specify the SNMPv2c security model:
To specify the SNMPv3 user-based security model (USM):
- Specify the security level for access privileges.
- [edit snmp v3 vacm access group group-name]
- user@host# set default-context-prefix security-model (any|v1|v2c|usm) security-level (authentication|none|privacy)
To specify a security level that provides authentication but no encryption:
To specify a security level that provides no authentication and no encryption:
For SNMPv1 or SNMPv2c access, specify none as the security level.
To specify a security level that provides authentication and encryption:
- (Optional) Specify the view used for SNMP read access. You must specify the read-view option or the write-view option.
- (Optional) Specify the view used for SNMP write access. You must specify the read-view option or the write-view option.