Configuring Access Privileges for SNMPv3 Users (SRC CLI)
In a user-based security model (USM), you can define access privileges for SNMPv3 users. But you cannot assign the security name to an SNMP group. Here, the security name is the username configured at the [edit snmp v3 usm local-engine user] hierarchy level.
Use the following configuration statements to define access privileges for an SNMPv3 user at the [edit snmp v3 usm local-engine user username access] hierarchy level:
snmp v3 usm local-engine user username access {
authorization (read-only | read-write);
oid oid;
}
To define access privileges for an SNMPv3 user in a USM:
- From configuration mode, enter the following configuration
statement.[edit]user@host# edit snmp v3 usm local-engine user username access
- (Optional) Specify the authorization level.
To specify read-only access:
[edit snmp v3 usm local-engine user username access]user@host# set authorization read-onlyTo specify read-and-write access:
[edit snmp v3 usm local-engine user username access]user@host# set authorization read-write - (Optional) Specify the object identifier used to represent
the subtree of MIB objects to which access is allowed.[edit snmp v3 usm local-engine user username access]user@host# set oid oid
Note By default, all clients are allowed to access the complete OID tree.
- (Optional) Verify your configuration.
root@c3bng-src4# show authorization read-only; oid 1;