Sharing Ilmu

Sharing for useful things

How To Configure SNMPv3 on Cisco Router/Switch

In this tutorial I’ll discuss about how to configuation snmpv3 on cisco router or switch. The different snmpv3 with snmpv1 or 2 is more secure connection for snmpv3.  SNMPv3 provide the authentication and encryption method for the connection between NMS and managed devices.

We also use the paesless testing tool for the test snmp v3 connection. you can download the software at link https://www.paessler.com/tools/snmptester

The Simple topology that used. I’m use the eve-ng and for the device I’ll try with one Router that connected to the network :

Talking about secure connection on SNMPv3, which is there are 3 security levels defined in the snmpv3 :

  • NoAuthNoPriv : It Doesn’t use authentication or encryption
  • AuthNoPriv : It’s Uses an authentication but not for encryption
  • AuthPriv : It’s uses both authentication and encryption. this security level will i give the example in this article.

 

The Router has an ip address 192.168.19.129 and my pc is 192.168.19.1. First configure the ACL and permit the ip address of snmp tester or nms if you use the NMS for more secure the connection.

MyRouter(config)#ip access-list standard Permit-SNMP
MyRouter(config-std-nacl)#permit 192.168.19.1
MyRouter(config-std-nacl)#exit

 

Configure the SNMP view for read only access. in this artikel I’ll configure only for the read only access.

The following is the configuration format for snmp view :

# snmp-server view NameforSNMPView iso included

 

MyRouter(config)#snmp-server view SNMPv3_RO iso included

 

Configure the SNMP Group. The following is the configuration format :

# snmp-server group NameOfGroup snmpversion(v3) priv read/write NameOfSnmpView access AccessListNameOrNumber

MyRouter(config)#snmp-server group MyGR v3 priv read SNMPv3_RO access Permit-SNMP

 

Configure the SNMP User. The following is the configuration format :

# snmp-server user NameOfUser NameOfGroup snmpversion(v3) auth sha/md5 authenticationpasswrod priv aes 128 privacypassword access AccessListNameOrNumber

MyRouter(config)#snmp-server user myuser MyGR v3 auth sha myauthpass priv aes 128 myprivpass access Permit-SNMP

 

 

Use show snmp user for look the snmp user configuration.

MyRouter#show snmp user

User name: myuser
Engine ID: 800000090300AABBCC001000
storage-type: nonvolatile active access-list: Permit-SNMP
Authentication Protocol: SHA
Privacy Protocol: AES128
Group-name: MyGR

MyRouter#

 

Now Test snmp connection with Paessler SNMP Tester.

Local IP : your ip pc

Device IP/ Port : your managed device ip and snmp port (161)

For SNMP authentication use the snmp version and authentication appropriate with the user configuration that’s already to do before.

Testing is successfull. snmpv3 is successfull to configure.

 

z
Previous Article
Next Article

Leave a Reply

Your email address will not be published. Required fields are marked *.

*
*
You may use these <abbr title="HyperText Markup Language">HTML</abbr> tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Copyright © 2024 Sharing Ilmu All Right Reserved. Online CV Resume Theme By eDataStyle . Proudly powered by WordPress .