Example: SNMPv3 Configuration
Define an SNMPv3 configuration:
[edit snmp]engine-id {use-fxp0-mac-address;}view jnxAlarms {oid 1.3.6.1.4.1.2636.3.4 include;}view interfaces {oid 1.3.6.1.2.1.2 include;}view ping-mib {oid 1.3.6.1.2.1.80 include;}[edit snmp v3]notify n1 {tag router1; # Identifies a set of target addressestype trap;# Defines type of notification}notify n2 {tag host1;type trap;}notify-filter nf1 {oid .1 include; # Defines which traps to send} # In this case, includes all trapsnotify-filter nf2 {oid 1.3.6.1.4.1 include; # Sends enterprise-specific traps
only}notify-filter nf3 {oid 1.3.6.1.2.1.1.5 include; # Sends BGP traps only}snmp-community index1 {community-name "$9$JOZi.QF/AtOz3"; # SECRET-DATAsecurity-name john; # Matches the security name at the
target parameterstag host1; # Finds the addresses that are allowed to be
used with}target-address ta1 {# Associates the target address with
the group #
san-francisco.address 10.1.1.1;address-mask 255.255.255.0; # Defines the range of addressesport 162;tag-list router1;target-parameters tp1; # Applies configured target parameters}target-address ta2 {address 10.1.1.2;address-mask 255.255.255.0;port 162;tag-list host1;target-parameters tp2;}target-address ta3 {address 10.1.1.3;address-mask 255.255.255.0;port 162;tag-list “router1 host1”;target-parameters tp3;}target-parameters tp1 { # Defines the target parametersnotify-filter nf1; # Specifies which notify filter to applyparameters {message-processing-model v1;security-model v1;security-level none;security-name john; # Matches the security name configured
at the} # [edit snmp v3 snmp-community community-index hierarchy level.}target-parameters tp2 {notify-filter nf2;parameters {message-processing-model v1;security-model v1;security-level none;security-name john;}}target-parameters tp3 {notify-filter nf3;parameters {message-processing-model v1;security-model v1;security-level none;security-name john;}}usm {local-engine { #Defines authentication and encryption for
SNMPv3 usersuser user1 {authentication-md5 {authentication-password authentication-password;}privacy-des {privacy-password privacy-password;}}user user2 {authentication-sha {authentication-password authentication-password;}privacy-none;}user user3 {authentication-none;privacy-none;}user user4 {authentication-sha {authentication-password authentication-password;}privacy-aes128 {privacy-password privacy-password;}}user user5 {authentication-sha {authentication-password authentication-password;}privacy-none;}}}vacm {access {group san-francisco { #Defines the access privileges for
the groupdefault-context-prefix { # called san-franciscosecurity-model v1 {security-level none {notify-view ping-mib;read-view interfaces;write-view jnxAlarms;}}}}}security-to-group {security-model v1 {security-name john { # Assigns john to the security groupgroup san-francisco; # called san-francisco}security-name bob {group new-york;}security-name elizabeth {group chicago;}}}}
