DGS-3100 Series Gigabit Stackable Managed Switch Hardware Installation Guide
32
DGS3100# config ipif system vlan default ipaddress 100.1.1.1/8
DGS3100# sh ipif
Interface Name
: System
IP Address : 100.1.1.1 (static)
Subnet Mask : 255.0.0.0
Vlan Name
: default
Member port : 1: (3-50),2: (1-50),3: (1-50),4: (1-50) ,5: (1-50)
Admin. State
: Enabled
Link Status : Link Up
User Name
When creating a User name, it is possible to define its privilege level; a user with the privilege level of USER is allowed
only to view the configuration, whereas a user with a privilege level of ADMIN is allowed to change the configuration as
well as viewing it.
Create an account. The configured user name is entered as a login name for remote management sessions. To configure user
name and privilege level, enter the command at the system prompt as shown in the configuration example:
DGS3100# create account user Tony
DGS3100# sh account
UserName Access Level
-------------------- ------------------
Tony User
user User
admin Admin
Defining SNMP Community Strings
Simple Network Management Protocol
(SNMP) is an OSI Layer 7 (Application Layer) designed specifically for managing
and monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways,
routers, switches, and other network devices. Use SNMP to configure system features for proper operation, monitor
performance and to detect potential problems in the switch, switch group or network.
Managed devices that support SNMP include software (agent) that runs locally on the device. A defined set of variables
(managed objects) is maintained by the SNMP agent and used to manage the device. These objects are defined in a
Management Information Base
(MIB) and provide a standard presentation of the information controlled by the on-board
SNMP agent. SNMP defines both the MIB specification format and the protocol used to access this information over the
network.
The device supports SNMP versions 1, 2c, and 3. The three versions of SNMP vary in the level of security provided
between the management station and the network device.
SNMP v.1 and v.2 provides user authentication using
Community Strings
. Community Strings function passwords. The
remote user SNMP application and the switch SNMP must use the same community string. SNMP packets from any station
that has not been authenticated are dropped. The default community strings for the switch used for SNMP v.1 and v.2
management access are:
•
public - Allows authorized management stations to retrieve MIB objects.
•
private - Allows authorized management stations to retrieve and modify MIB objects.
SNMP v.3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list
of users and their attributes that are allowed to act as SNMP managers. The second part describes what each user on that list
can do as an SNMP manager.
The switch allows groups of users to be listed and configured with a shared set of privileges. The SNMP version may also
be set for a listed group of SNMP managers. Thus, one may create a group of SNMP managers that are allowed to view
read-only information or receive traps using SNMP v.1 while assigning a higher level of security to another group, granting
read/write privileges using SNMP v.3.
SNMP v.3 enables individual users or groups of SNMP managers to perform or be restricted from performing specific
SNMP management functions. The functions allowed or restricted are defined using the
Object Identifier
(OID) associated
with a specific MIB. In addition, SNMP v.3 encrypts SNMP messages.