 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
Configure Simple Network Management Protocol version 3 (SNMPv3):
- [edit snmp]
- engine-id {
- use-fxp0-mac-address;
- }
- view jnxAlarms {
- oid 1.3.6.1.4.1.2636.3.4 include;
- }
- view interfaces {
- oid 1.3.6.1.2.1.2 include;
- }
- view ping-mib {
- oid 1.3.6.1.2.1.80 include;
- }
- [edit snmp v3]
- notify n1 {
- tag router1; # Identifies a set of target addresses
- type trap;# Defines type of notification
- }
- notify n2 {
- tag host1;
- type trap;
- }
- notify-filter nf1 {
- oid .1 include; # Defines which traps (or which objects
for which traps)
- }
- notify-filter nf2 {
- oid 1.3.6.1.4.1 include; # Sends enterprise-specific traps
only
- }
- notify-filter nf3 {
- oid 1.3.6.1.2.1.1.5 include; # Sends BGP traps only
- }
- snmp-community index1 {
- community-name "$9$JOZi.QF/AtOz3"; # SECRET-DATA
- security-name john; # Matches the security name at the
target-parameters
- tag host1; # Finds the addresses that can be used
- }
- target-address ta1 { # Associates the target address with
the group san-francisco
- address 10.1.1.1;
- address-mask 255.255.255.0; # Defines the range of addresses
- port 162;
- tag-list router1;
- target-parameters tp1;# Applies configured target parameters
- target-address ta2 {
- address 10.1.1.2;
- address-mask 255.255.255.0;
- port 162;
- tag-list host1;
- target-parameters tp2;
- }
- target-address ta3 {
- address 10.1.1.3;
- address-mask 255.255.255.0;
- port 162;
- tag-list [router1 host1];
- target-parameters tp3;
- }
- target-parameters tp1 {# Defines the target parameters
- notify-filter nf1; # Specifies which notify filter to apply
- parameters {
- message-processing-model v1;
- security-model v1‘;
- security-level none;
- security-name john; # Matches the security name configured
at the edit
- }
- }# level
- target-parameters tp2 {
- notify-filter nf2;
-
- parameters {
- message-processing-model v1;
- security-model v1;
- security-level none;
- security-name john;
- }
- }
- target-parameters tp3 {
- notify-filter nf3;
-
- parameters {
- message-processing-model v1;
- security-model v1;
- security-level none;
- security-name john;
- }
- }
- usm {
- local-engine { # Defines authentication and encryption
for
- user user1 { # SNMPv3 users
-
- authentication-md5 {
- authentication-password authentication-password;
- }
-
- privacy-des {
- privacy-password password;
- }
- }
- user user2 {
-
- authentication-sha {
- authentication-password authentication-password;
- }
- privacy-none;
- }
- user user3 {
- authentication-none;
- privacy-none;
- }
- user user4 {
-
- authentication-md5 {
- authentication-password authentication-password;
- }
-
- privacy-3des {
- privacy-password password;
- }
- }
- user user5 {
-
- authentication-sha {
- authentication-password authentication-password;
- }
-
- privacy-aes128 {
- privacy-password password;
- }
- }
- vacm {
-
- access {
- group san-francisco {# Defines the access privileges for
the group
- default-context-prefix { # san-francisco
-
- security-model v1 {
-
- security-level none {
- notify-view ping-mib;
- read-view interfaces;
- write-view jnxAlarms;
- }
- }
- }
- }
- security-to-group {
-
- security-model v1 {
- security-name john {# Assigns john to the security group
san-francisco
- group san-francisco;
- }
-
- security-name bob {
- group new-york;
- }
-
- security-name elizabeth {
- group chicago;
- }
- }
For more information about configuring SNMP, see the JUNOS Network Management Configuration Guide.
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |