Defining the SNMP community
SNMP community strings are used only by systems that support SNMPv1 and SNMPv2c protocols. SNMPv3 uses a username and password authentication, along with an encryption key.
The SNMP community of a system is the list of SNMP clients authorized to make requests of the system. Authorization for the community is in the form of a community string. The community string acts as a password, providing basic security and protecting the system against spurious SNMP requests.
- If no SNMP clients or networks are explicitly defined, then any client presenting the correct community string is granted the access privilege specified in the authorization option.
- If any client or network is defined, then only explicitly listed clients or networks are granted access to the system. Those clients have the access privilege specified by the authorization option. (The default is read-only.)
With reference to the figure Configuring SNMP communities and traps, the following configuration example shows how to set the SNMP community string for the system R1 to abc123
and specify three clients for the community with the following IP addresses: 176.16.0.15
, 176.16.0.16
, and 176.16.0.17
. Read-only access is provided for this community.
Create the snmp configuration node and the community configuration node. Set the community string. Note that using the edit command creates the community if it does not already exist. Navigate to the configuration node of the community for easier configuration. |
|
List the SNMP clients making up this community. |
|
Set the privilege level for this community to read-only. |
|
Commit the change. |
|
Verify the configuration. |
|
Return to the top of the configuration tree. |
|