Configuration Guidelines and Limitations
Group-Based SNMP Access
Because group is a standard SNMP term used industry-wide, roles are referred to as groups in this SNMP
Note
section.
SNMP access rights are organized by groups. Each group in SNMP is similar to a role through the CLI. Each
group is defined with three accesses: read access, write access, and notification access. Each access can be
enabled or disabled within each group.
You can begin communicating with the agent once your user name is created, your roles are set up by your
administrator, and you are added to the roles.
Configuration Guidelines and Limitations
SNMP has the following configuration guidelines and limitations:
• Cisco NX-OS supports read-only access to Ethernet MIBs.
Configuring SNMP
Configuring SNMP Users
To configure a user for SNMP, perform this task:
Procedure
Step 1
Step 2
Step 3
Step 4
Enforcing SNMP Message Encryption
You can configure SNMP to require authentication or encryption for incoming requests. By default the SNMP
agent accepts SNMPv3 messages without authentication and encryption. When you enforce privacy, Cisco
NX-OS responds with an authorization Error for any SNMPv3 PDU request using securityLevel parameter
of either noAuthNoPriv or authNoPriv.
OL-16597-01
Command or Action
switch# configuration terminal
switch(config)# snmp-server user name [auth
{md5 | sha} passphrase [auto] [priv [aes-128]
passphrase] [engineID id] [localizedkey]]
switch# show snmp user
switch# copy running-config startup-config
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
Group-Based SNMP Access
Purpose
Enters configuration mode.
Configures an SNMP user with
authentication and privacy parameters.
(Optional)
Displays information about one or more
SNMP users.
(Optional)
Saves this configuration change.
379