Configuring the SNMP Local Engine ID (NSM Procedure)

You can configure a local engine identifier (engine ID) as the administratively unique ID of an SNMPv3 engine. The local engine ID is used only for identifying an SNMPv3 engine and not for addressing the engine. An engine ID has two parts: prefix and suffix. The prefix is formatted according to the specifications defined in RFC 3411, An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks. You can specify the suffix to be generated from the media access control (MAC) address of the management interface.

Note: SNMPv3 authentication and encryption keys are generated based on the associated passwords and the engine ID. If you configure or change the engine ID, you must commit the new engine ID before you configure SNMPv3 users. Otherwise the keys generated from the configured passwords are based on the previous engine ID.

To configure a local engine ID for an SNMPv3 engine in NSM:

  1. In the navigation tree, select Device Manager > Devices.
  2. In the Devices list, double-click the device to select it.
  3. Click the Configuration tab.
  4. In the configuration tree, expand SNMP.
  5. Select Engine Id.
  6. Enter the parameters as specified in Table 75.
  7. Click one:
    • OK—To save the changes.
    • Cancel—To cancel the modifications.
    • Apply—To apply the SNMP settings.

Note: After you make changes to a device configuration, you must push that updated device configuration to the physical security device for those changes to take effect. You can update multiple devices at one time. See the Updating Devices section in the Network and Security Manager Administration Guide for more information.

Table 75: Configuring Engine Id Fields

Option

Function

Your Action

Comment

Specifies the comment for the engine ID.

Enter a comment.

Use Mac Address

Specifies whether or not the SNMP engine ID is generated from the MAC address of the management interface on the device.

  1. Expand the Engine Id tree and select Use Mac Address.
  2. Select an option for engine ID generation:

    • None—The SNMP engine ID does not use the MAC address.
    • use-mac-address—The SNMP engine ID is generated from the MAC address of the management interface on the device.
    • use-default-ip-address—The engine ID suffix is generated from the default IP address of the management interface.
    • local—The engine ID suffix is generated from the local IP address of the management interface.
    For the engine ID, we recommend using the IP address of the device or using the MAC address of fxp0 or me0 if the device has only one Routing Engine.

Related Documentation