Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Defining Access Privileges for an SNMP Group (SRC CLI)

    Use the following configuration statements to define access privileges for SNMP groups:

    snmp v3 vacm access group group-name ... snmp v3 vacm access group group-name default-context-prefix security-model (any|v1|v2c|usm) ...
    snmp v3 vacm access group group-name default-context-prefix security-model (any|v1|v2c|usm) security-level (authentication|none|privacy) { read-view read-view; write-view write-view; }

    To configure MIB views with a group for the VACM:

    1. From configuration mode, access the configuration statement that configures the VACM group.
      [edit]user@host# edit snmp v3 vacm access group group-name

      The group name is the name for a collection of SNMP security names that belong to the same SNMP access policy.

    2. Specify the security model for access privileges.
      [edit snmp v3 vacm access group group-name] user@host# set default-context-prefix security-model (any|v1|v2c|usm)

      To specify any security model:

      user@host# set default-context-prefix security-model any

      To specify the SNMPv1 security model:

      user@host# set default-context-prefix security-model v1

      To specify the SNMPv2c security model:

      user@host# set default-context-prefix security-model v2c

      To specify the SNMPv3 user-based security model (USM):

      user@host# set default-context-prefix security-model usm
    3. Specify the security level for access privileges.
      [edit snmp v3 vacm access group group-name] user@host# set default-context-prefix security-model (any|v1|v2c|usm) security-level (authentication|none|privacy)

      To specify a security level that provides authentication but no encryption:

      user@host# set default-context-prefix security-model (any|v1|v2c|usm) security-level authentication

      To specify a security level that provides no authentication and no encryption:

      user@host# set default-context-prefix security-model (any|v1|v2c|usm) security-level none

      For SNMPv1 or SNMPv2c access, specify none as the security level.

      To specify a security level that provides authentication and encryption:

      user@host# set default-context-prefix security-model (any|v1|v2c|usm) security-level privacy
    4. (Optional) Specify the view used for SNMP read access. You must specify the read-view option or the write-view option.
      [edit snmp v3 vacm access group group-name default-context-prefix security-model (any|v1|v2c|usm) security-level (authentication|none|privacy)] user@host# set read-view read-view
    5. (Optional) Specify the view used for SNMP write access. You must specify the read-view option or the write-view option.
      [edit snmp v3 vacm access group group-name default-context-prefix security-model (any|v1|v2c|usm) security-level (authentication|none|privacy)] user@host# set write-view write-view

    Modified: 2013-03-14