SNMP v3 + Cisco IOS Crash Course

SNMPv3 allows for authentication and encryption (AES, DES, 3-DES) for managing core routers and switches. CiscoWorks LAN Manager Solution (LMS) requires SNMP v3 to be enabled and setup correctly for doing port VLAN tagging and a various other features through the LMS web interface. Here is a simple crash course on setting up SNMPv3 on an Cisco IOS device.

snmp-server view readview internet included
snmp-server view writeview internet included

This step will attach a view to a group. To keep things simple we will follow the same layout as the views, a group for read (readgroup) and a group for read/write (writegroup).

snmp-server group readgroup v3 priv read readview
snmp-server group writegroup v3 priv write writeview

Add a username to the readgroup or writegroup with an authpassword and a passphrase. Repeat this step for additional users.

snmp-server user <username> <group> v3 auth sha <authpass> priv aes 256 <passphrase>

Finally, specify access to the host and user that your monitoring software will use to connect to the Cisco Switch via SNMP.

snmp-server host <ipaddress/fqdn> version 3 priv <user>

Leave a Reply