Cisco Cisco IOS Software Release 12.2(33)XNE
2-24
Cisco 10000 Series Router Lawful Intercept Configuration Guide
OL-3426-03
Chapter 2 Configuring Lawful Intercept Support
Configuring SNMPv3
•
Cisco IOS Configuration Fundamentals Configuration Guide, Part 3: Cisco IOS System
Management, “Configuring SNMP Support” section, available at the following URL:
Management, “Configuring SNMP Support” section, available at the following URL:
•
Cisco IOS Configuration Fundamentals Command Reference, Part 3: Cisco IOS System
Management Commands, “SNMP Commands” section, available at the following URL:
Management Commands, “SNMP Commands” section, available at the following URL:
Creating a Restricted SNMP View that Includes the Lawful Intercept MIBs
To create and assign users to an SNMP view that includes the Cisco Lawful Intercept MIBs, perform the
following procedure at the CLI, in global configuration mode with level-15 access rights. For command
examples, see the
following procedure at the CLI, in global configuration mode with level-15 access rights. For command
examples, see the
.
Note
The command syntax in the following steps includes only those keywords required to perform
each task. For details on command syntax, see the documents listed in the
each task. For details on command syntax, see the documents listed in the
.
Step 1
Make sure that SNMPv3 is configured on the router. For instructions, see the documents listed in the
Step 2
Create an SNMP view that includes the CISCO-TAP2-MIB, CISCO-IP-TAP-MIB, and
CISCO-USER-CONNECTION-TAP-MIB (where
CISCO-USER-CONNECTION-TAP-MIB (where
view_name
is the name of the view to create for the
MIB).
Router(config)# snmp-server view view_name cTap2MIB included
Step 3
Create an SNMP user group that has access to the CISCO-TAP2-MIB view and define the group’s access
rights to the view.
rights to the view.
Router(config)# snmp-server group groupname v3 noauth read view_name write view_name
Step 4
Add users to the user group you just created (where
username
is the user,
groupname
is the user group,
and
auth_password
is the authentication password):
Router(config)# snmp-server user username groupname v3 auth md5 auth_password
Note
Be sure to add the mediation device to the user group; otherwise, the router cannot perform
lawful intercepts. Access to the CISCO-TAP2-MIB view should be restricted to the
mediation device and to system administrators who need to know about lawful intercepts on
the router.
lawful intercepts. Access to the CISCO-TAP2-MIB view should be restricted to the
mediation device and to system administrators who need to know about lawful intercepts on
the router.
The mediation device is now able to access the Lawful Intercept MIBs, and issue SNMP set and get
requests to configure and run lawful intercepts on the router.
requests to configure and run lawful intercepts on the router.
For instructions on how to configure the router to send SNMP notifications to the mediation device, go
to the
to the