Configuring Snmp Users - Cisco 4700M Administration Manual
Application control engine appliance
Hide thumbs
Also See for 4700M:
- Configuration manual (388 pages) ,
- Upgrade manual (24 pages) ,
- Installation manual (18 pages)
Table of Contents
Advertisement
Configuring SNMP
Specify which host is to receive SNMP notifications.
Step 7
host1/Admin(config)# snmp-server host 192.168.1.1 traps version 2c SNMP_Community1
udp-port 500
Enable the ACE to send SNMP traps and inform requests to the NMS.
Step 8
host1/Admin(config)# snmp-server enable traps slb
Create a class map that permits network management traffic to be received by the ACE based on the
Step 9
SNMP management protocol and client source IP address.
host1/Admin(config)# class-map type management match-all SNMP-ALLOW_CLASS
host1/Admin(config-cmap-mgmt)# match protocol snmp source-address 172.16.10.0
255.255.255.254
host1/Admin(config-cmap-mgmt)# exit
host1/Admin(config)#
Configure a policy map that activates the SNMP management protocol classifications.
Step 10
host1/Admin(config)# policy-map type management first-match SNMP-ALLOW_POLICY
host1/Admin(config-pmap-mgmt)# class SNMP-ALLOW_CLASS
host1/Admin(config-pmap-mgmt-c)# permit
host1/Admin(config-pmap-mgmt-c)# exit
host1/Admin(config-pmap-mgmt)# exit
host1/Admin(config)#
Attach the traffic policy to a single VLAN interface or globally to all VLAN interfaces in the same
Step 11
context. For example, to specify an interface VLAN and apply the SNMP management policy map to the
VLAN, enter:
host1/Admin(config)# interface vlan 50
host1/Admin(config-if)# ip address 172.16.10.0 255.255.255.254
host1/Admin(config-if)# service-policy input SNMP-ALLOW_POLICY
host1/Admin(config-if)# exit
(Optional) Save your configuration changes to Flash memory.
Step 12
host1/Admin(config)# exit
host1/Admin# copy running-config startup-config
Configuring SNMP Users
This section describes how to configure SNMP users from the ACE CLI. User configuration includes
information such as specifying the role group that the user belongs to, authentication parameters for the
user, the authentication password, and message encryption parameters.
The ACE synchronizes the interactions between the user created by the username command and by the
snmp-server user command; updates to a user through the ACE CLI are automatically reflected in the
SNMP server. For example, deleting a user automatically results in the user being deleted forboth SNMP
and CLI. In addition, user-role mapping changes are reflected in SNMP.
If you change the SNMP engine ID for an Admin or user context, all configured SNMP users become
Caution
invalid. You must recreate all SNMP users by using the snmp-server user command in configuration
mode. For more information on the SNMPv3 engine ID, see the
for an ACE Context"
Cisco 4700 Series Application Control Engine Appliance Administration Guide
7-32
section.
Chapter 7
Configuring SNMP
"Configuring an SNMPv3 Engine ID
OL-20823-01
Advertisement
Table of Contents
