SNMP
SNMP (Simple Network Management Protocol) is an application-layer protocol used to manage and monitor network devices. It allows administrators to collect, store, and analyze data from network devices, such as routers, switches, and servers. SNMP works by defining a standardized set of messages, known as protocol data units (PDUs), that can be used to communicate with network devices.
SNMP is based on a client-server architecture, where the client (usually an SNMP manager) sends requests to the server (usually an SNMP agent) to retrieve information about the device’s configuration, performance, and status. The SNMP agent on the device receives these requests, processes them, and returns the requested information to the SNMP manager.
AgentX is an extension to SNMP that allows multiple SNMP agents to be controlled by a single SNMP manager. With AgentX, an SNMP manager can communicate with an agent that resides on a different device, enabling centralized management of a large number of network devices. AgentX uses a client-server model, where the SNMP manager acts as the client and the SNMP agent acts as the server.
- agentx
Start SNMP Daemon and AgentX on the system
- no agentx
Stop SNMP Daemon and AgentX on the system
SNMP Users
To access the SNMP MIBs, one or more users should be available. Currently, only SNMPv3 is supported.
- snmp-server user USER auth <md5|sha> PASSWORD [priv des56 PRIV]
The command is used to configure SNMPv3 user authentication and authorization parameters on a device.
USER
: is the username of the SNMPv3 user being configured.auth
: specifies the authentication type, eithermd5
orsha
.PASSWORD
: is the authentication passphrase used to authenticate the user.priv
: (optional) specifies the encryption type, which can bedes
.PRIV
: (optional) is the encryption passphrase used to encrypt SNMPv3 packets.
This command creates a new SNMPv3 user on the device and sets its authentication and encryption parameters. The md5 and sha parameters specify the authentication algorithm used to protect SNMPv3 messages, while the des56 parameter specifies the encryption algorithm used to encrypt the SNMPv3 messages.
If the priv parameter is specified, the user is granted access to SNMPv3 encrypted data. The PRIV parameter specifies the encryption passphrase that is used to encrypt the SNMPv3 packets.
Note
Password length can’t be lesser than
8
characters.Example:
soodar(config)# snmp-server user normal-user auth sha 12345678 soodar(config)# snmp-server user priv-user auth sha 12345678 priv des56 87654321
The first command creates an SNMP user called “normal-user” with SHA authentication and a password of “12345678”.
The second command creates an SNMP user called “priv-user” with SHA authentication, a password of “12345678”, and DES56 privacy encryption with a password of “87654321”. This means that any SNMP traffic sent from this user will be both authenticated and encrypted