Defining an snmp group – Brocade Virtual ADX Administration Guide (Supporting ADX v03.1.00) User Manual
Page 128
116
Brocade Virtual ADX Administration Guide
53-1003249-01
Using the user-based security mode
4
The local parameter indicates that engine ID to be entered is the ID of this device, representing an
SNMP management entity.
NOTE
Since the current implementation of SNMP version 3 does not support Notification, remote engine
IDs cannot be configured at this time.
The hex-string variable consists of 11 octets, entered as hexadecimal values. Each octet has two
hexadecimal characters. The engine ID should contain an even number of hexadecimal characters.
The default engine ID has a maximum of 11 octets:
•
Octets 1 through 4 represent the agent's SNMP management private enterprise number as
assigned by the Internet Assigned Numbers Authority (IANA). The most significant bit of Octet 1
is "1". For example, “000007c7” is the ID for Brocade in hexadecimal. With Octet 1 always
equal to "1", the first four octets in the default engine ID is always “800007c7” (which is 1991
in decimal).
•
Octet 5 is always 03 in hexadecimal and indicates that the next set of values represent a MAC
address.
•
Octets 6 through 11 form the MAC address of the lowest port in the management process.
NOTE
Engine ID must be a unique number among the various SNMP engines in the management domain.
Using the default engine ID ensures the uniqueness of the numbers.
Defining an SNMP group
SNMP groups map SNMP users to SNMP views. For each SNMP group, you can configure a read
view, a write view, or both. Users who are mapped to a group will use its views for access control.
To configure an SNMP user group, enter a command such as the following:
Virtual ADX(config)#snmp-server group admin v3 auth read all write all
Syntax: [no] snmp-server group groupname { v1 | v2c | v3 { auth | noauth | priv }}
[read viewstring ] [ write viewstring] [notify viewname]
NOTE
This command is not used for SNMP version 1 and SNMP version 2. In these versions, groups and
group views are created internally using community strings. (See
on page 113.) When a community string is created, two groups are created, based on the
community string name. One group is for SNMP version 1 packets, while the other is for SNMP
version 2 packets.
The group groupname parameter defines the name of the SNMP group to be created.
The v1, v2c, or v3 parameter indicates which version of SNMP is used. In most cases, you will be
using v3, since groups are automatically created in SNMP versions 1 and 2 from community
strings.
The auth | noauth | priv parameter determines whether authentication is required for accessing
the supported views. If auth is selected, then only authenticated packets are allowed to access the
view specified for the user group. Selecting noauth means that no authentication is required to
access the specified view. Selecting priv means that an authentication password is required from
the users. The auth | noauth | priv parameter is available when you select v3, not v1 or v2.