Cisco Systems 3750E Manual De Usuario
33-7
Catalyst 3750-E and 3560-E Switch Software Configuration Guide
OL-9775-02
Chapter 33 Configuring SNMP
Configuring SNMP
Default SNMP Configuration
shows the default SNMP configuration.
SNMP Configuration Guidelines
If the switch starts and the witch startup configuration has at least one snmp-server global configuration
command, the SNMP agent is enabled.
command, the SNMP agent is enabled.
An SNMP group is a table that maps SNMP users to SNMP views. An SNMP user is a member of an
SNMP group. An SNMP host is the recipient of an SNMP trap operation. An SNMP engine ID is a name
for the local or remote SNMP engine.
SNMP group. An SNMP host is the recipient of an SNMP trap operation. An SNMP engine ID is a name
for the local or remote SNMP engine.
When configuring SNMP, follow these guidelines:
•
When configuring an SNMP group, do not specify a notify view. The snmp-server host global
configuration command autogenerates a notify view for the user and then adds it to the group
associated with that user. Modifying the group's notify view affects all users associated with that
group. See the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 for
information about when you should configure notify views.
configuration command autogenerates a notify view for the user and then adds it to the group
associated with that user. Modifying the group's notify view affects all users associated with that
group. See the Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 for
information about when you should configure notify views.
•
To configure a remote user, specify the IP address or port number for the remote SNMP agent of the
device where the user resides.
device where the user resides.
•
Before you configure remote users for a particular agent, configure the SNMP engine ID, using the
snmp-server engineID global configuration with the remote option. The remote agent's SNMP
engine ID and user password are used to compute the authentication and privacy digests. If you do
not configure the remote engine ID first, the configuration command fails.
snmp-server engineID global configuration with the remote option. The remote agent's SNMP
engine ID and user password are used to compute the authentication and privacy digests. If you do
not configure the remote engine ID first, the configuration command fails.
•
When configuring SNMP informs, you need to configure the SNMP engine ID for the remote agent
in the SNMP database before you can send proxy requests or informs to it.
in the SNMP database before you can send proxy requests or informs to it.
•
If a local user is not associated with a remote host, the switch does not send informs for the auth
(authNoPriv) and the priv (authPriv) authentication levels.
(authNoPriv) and the priv (authPriv) authentication levels.
•
Changing the value of the SNMP engine ID has important side effects. A user's password (entered
on the command line) is converted to an MD5 or SHA security digest based on the password and the
local engine ID. The command-line password is then destroyed, as required by RFC 2274. Because
of this deletion, if the value of the engine ID changes, the security digests of SNMPv3 users become
on the command line) is converted to an MD5 or SHA security digest based on the password and the
local engine ID. The command-line password is then destroyed, as required by RFC 2274. Because
of this deletion, if the value of the engine ID changes, the security digests of SNMPv3 users become
Table 33-4
Default SNMP Configuration
Feature
Default Setting
SNMP agent
Disabled
1
.
1.
This is the default when the switch starts and the startup configuration does not have any snmp-server global configuration
commands.
commands.
SNMP trap receiver
None configured.
SNMP traps
None enabled except the trap for TCP connections (tty).
SNMP version
If no version keyword is present, the default is Version 1.
SNMPv3 authentication
If no keyword is entered, the default is the noauth (noAuthNoPriv)
security level.
security level.
SNMP notification type
If no type is specified, all notifications are sent.