Microsoft ES4649 Manuel D’Utilisation
Simple Network Management Protocol
3-43
3
Setting a Local Engine ID
An SNMPv3 engine is an independent SNMP agent that resides on the switch. This
engine protects against message replay, delay, and redirection. The engine ID is
also used in combination with user passwords to generate the security keys for
authenticating and encrypting SNMPv3 packets.
engine protects against message replay, delay, and redirection. The engine ID is
also used in combination with user passwords to generate the security keys for
authenticating and encrypting SNMPv3 packets.
A local engine ID is automatically generated that is unique to the switch. This is
referred to as the default engine ID. If the local engineID is deleted or changed, all
SNMP users will be cleared. You will need to reconfigure all existing users.
referred to as the default engine ID. If the local engineID is deleted or changed, all
SNMP users will be cleared. You will need to reconfigure all existing users.
A new engine ID can be specified by entering 1 to 26 hexadecimal characters. If less
than 26 characters are specified, trailing zeroes are added to the value. For
example, the value “1234” is equivalent to “1234” followed by 22 zeroes.
than 26 characters are specified, trailing zeroes are added to the value. For
example, the value “1234” is equivalent to “1234” followed by 22 zeroes.
Web – Click SNMP, SNMPv3, Engine ID. Enter an ID of up to 26 hexadecimal
characters and then click Save.
characters and then click Save.
Figure 3-28 Setting the SNMPv3 Engine ID
CLI – This example sets an SNMPv3 engine ID.
Specifying a Remote Engine ID
To send inform messages to an SNMPv3 user on a remote device, you must first
specify the engine identifier for the SNMP agent on the remote device where the
user resides. The remote engine ID is used to compute the security digest for
authenticating and encrypting packets sent to a user on the remote host.
specify the engine identifier for the SNMP agent on the remote device where the
user resides. The remote engine ID is used to compute the security digest for
authenticating and encrypting packets sent to a user on the remote host.
SNMP passwords are localized using the engine ID of the authoritative agent. For
informs, the authoritative SNMP agent is the remote agent. You therefore need to
configure the remote agent’s SNMP engine ID before you can send proxy requests
or informs to it. (See “Specifying Trap Managers and Trap Types” on page 3-40 and
“Configuring Remote SNMPv3 Users” on page 3-46.)
informs, the authoritative SNMP agent is the remote agent. You therefore need to
configure the remote agent’s SNMP engine ID before you can send proxy requests
or informs to it. (See “Specifying Trap Managers and Trap Types” on page 3-40 and
“Configuring Remote SNMPv3 Users” on page 3-46.)
Console(config)#snmp-server engine-id local 12345abcdef
Console(config)#exit
Console#show snmp engine-id
Console#show snmp engine-id
Local SNMP engineID: 8000002a8000000000e8666672
Local SNMP engineBoots: 1
Console#
Local SNMP engineBoots: 1
Console#