Though SNMP v1 and v2c is using community-based string, the following is still required:
To configure SNMP v2 support:
configure terminal
snmp community public community-access readOnly
snmp group testgroup snmp 2 noAuthNoPriv read read-access write write-access notify notify-access
snmp user public user-group testgroup user-version 2
snmp host host2 host-ip-address 2.2.2.2 host-port 162 host-user-name public host-version 2 host-security-level noAuthNoPriv
snmp enable traps linkUp
To configure SNMP v3 support:
configure terminal
snmp group testgroup3 snmp 3 authPriv notify test write test read test
snmp user user3 user-version 3 user-group testgroup3 auth-protocol sha priv-protocol aes passphrase changePassphrase
! configure snmp host to enable snmp v3 trap
snmp host host3 host-ip-address 3.3.3.3 host-version 3 host-user-name user3 host-security-level authPriv host-port 162
!
! Change to different security level
!
snmp group testgroup4 snmp 3 authNoPriv notify test write test read test
snmp user user4 user-version 3 user-group testgroup4 auth-protocol md5 passphrase changePassphrase
! configure snmp host to enable snmp v3 trap
snmp host host4 host-ip-address 4.4.4.4 host-version 3 host-user-name user4 host-security-level authNoPriv host-port 162
!
!
snmp enable traps linkUp
snmp enable traps linkDown
Note |
SNMP host configuration is supported for NFVIS 3.6.1 release. Host trap server configuration will be officially supported
for NFVIS 3.7.1 release.
|
Note |
SNMP v3 context
snmp
is added automatically when configured from the web portal. To use a different context value or empty context string, use
NFVIS CLI or API for configuration.
NFVIS SNMP v3 only supports single passphrase for both auth-protocol and priv-protocol.
|
Note |
NFVIS 3.11.1 release enhances the special character support for passphrase. Now the following characters are supported: @#$-!&*
|
Verify the configuration for SNMP support
Use the
show snmp agent
command to verify the snmp agent description and ID.
nfvis# show snmp agent
snmp agent sysDescr "Cisco NFVIS "
snmp agent sysOID 1.3.6.1.4.1.9.12.3.1.3.1291
Use the
show snmp traps
command to verify the state of snmp traps.
nfvis# show snmp traps
TRAP TRAP
NAME STATE
--------------------
linkDown disabled
linkUp enabled
Use the
show snmp stats
command to verify the snmp stats.
nfvis# show snmp stats
snmp stats sysUpTime 57351917
snmp stats sysServices 70
snmp stats sysORLastChange 0
snmp stats snmpInPkts 104
snmp stats snmpInBadVersions 0
snmp stats snmpInBadCommunityNames 0
snmp stats snmpInBadCommunityUses 0
snmp stats snmpInASNParseErrs 0
snmp stats snmpSilentDrops 0
snmp stats snmpProxyDrops 0
Use the
show running-config snmp
command to verify the interface configuration for snmp.
nfvis# show running-config snmp
snmp agent enabled true
snmp agent engineID 00:00:00:09:11:22:33:44:55:66:77:88
snmp enable traps linkUp
snmp community pub_comm
community-access readOnly
!
snmp community tachen
community-access readOnly
!
snmp group tachen snmp 2 noAuthNoPriv
read test
write test
notify test
!
snmp group testgroup snmp 2 noAuthNoPriv
read read-access
write write-access
notify notify-access
!
snmp user public
user-version 2
user-group 2
auth-protocol md5
priv-protocol des
!
snmp user tachen
user-version 2
user-group tachen
!
snmp host host2
host-port 162
host-ip-address 2.2.2.2
host-version 2
host-security-level noAuthNoPriv
host-user-name public
!
Upper limit for SNMP configurations:
-
Communities: 10
-
Groups: 10
-
Users: 10
-
Hosts: 4
SNMP Support APIs and Commands
APIs
|
Commands
|
|
-
agent
-
community
-
trap-type
-
host
-
user
-
group
|