106
1: Oid=ifMtu.135471 Syntax=INT Value=1500
Get finished
# Use a wrong community name to get the value of a MIB node on the agent. You can see an
authentication failure trap on the NMS.
1.1.1.1/2934 V1 Trap = authenticationFailure
SNMP Version = V1
Community = public
Command = Trap
Enterprise = 1.3.6.1.4.1.43.1.16.4.3.50
GenericID = 4
SpecificID = 0
Time Stamp = 8:35:25.68
SNMPv3 configuration example
Network requirements
As shown in
, the NMS (1.1.1.2/24) uses SNMPv3 to monitor and manage the interface status
of the agent (1.1.1.1/24). The agent automatically sends notifications to report events to the NMS.
The NMS and the agent perform authentication when they set up an SNMP session. The authentication
algorithm is SHA-1 and the authentication key is
123456TESTauth&!
. The NMS and the agent also
encrypt the SNMP packets between them by using the AES algorithm and the privacy key
123456TESTencr&!
.
Figure 34
Network diagram
Configuration procedure
1.
Configure the agent:
# Configure the IP address of the agent, and make sure the agent and the NMS can reach each
other. (Details not shown.)
# Assign the NMS (SNMPv3 group
managev3group
) read and write access to the objects under
the
snmp
node (OID 1.3.6.1.2.1.11), and deny its access to any other MIB object.
<Agent> system-view
[Agent] undo snmp-agent mib-view ViewDefault
[Agent] snmp-agent mib-view included test snmp
[Agent] snmp-agent group v3 managev3group privacy read-view test write-view test
# Add the user
managev3user
to the SNMPv3 group
managev3group
, and set the authentication
algorithm to
sha
, authentication key to
123456TESTauth&!
, encryption algorithm to
aes128
, and
privacy key to
123456TESTencr&!
.
[Agent] snmp-agent usm-user v3 managev3user managev3group simple authentication-mode
sha 123456TESTauth&! privacy-mode aes128 123456TESTencr&!
# Configure contact and physical location information for the agent.
[Agent] snmp-agent sys-info contact Mr.Wang-Tel:3306
Summary of Contents for 5920
Page 86: ...76 XGE1 0 2 N A P2P Two 0 ...