[an error occurred while processing this directive][an error occurred while processing this directive]

Configuring the Remote Engine and Remote User

To send inform messages to an SNMPv3 user on a remote device, you must first specify the engine identifier for the SNMP agent on the remote device where the user resides. The remote engine ID is used to compute the security digest for authenticating and encrypting packets sent to a user on the remote host. When sending an inform message, the agent uses the credentials of the user configured on the remote engine (inform target).

To configure a remote engine and remote user to receive and respond to SNMP informs, include the following statements at the [edit snmp v3] hierarchy level:

[edit snmp v3]usm {remote-engine engine-id {user username {authentication-md5 {authentication-key key;}authentication-none;authentication-sha {authentication-key key;}privacy-3des {privacy-key key;}privacy-aes128 {privacy-key key;}privacy-des {privacy-key key;}privacy-none;}}}

For informs, remote-engine engine-id is the identifier for the SNMP agent on the remote device where the user resides.

For informs, user username is the user on a remote SNMP engine who receives the informs.

Informs generated can be unauthenticated, authenticated, or authenticated_and_encrypted, depending on the security level of the SNMPv3 user configured on the remote engine (the inform receiver). The authentication key is used for generating message authentication code (MAC). The privacy key is used to encrypt the inform PDU part of the message.


Published: 2010-04-27

[an error occurred while processing this directive]